URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Submission: On October 20 via api from US — Scanned from DE

Summary

This website contacted 42 IPs in 8 countries across 38 domains to perform 216 HTTP transactions. The main IP is 149.28.118.2, located in Elk Grove Village, United States and belongs to AS-CHOOPA, US. The main domain is bestnewshere.com.
TLS certificate: Issued by R3 on August 29th 2021. Valid for: 3 months.
This is the only time bestnewshere.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 149.28.118.2 20473 (AS-CHOOPA)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
61 104.19.135.78 13335 (CLOUDFLAR...)
10 151.139.128.11 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
11 99.80.188.163 16509 (AMAZON-02)
5 2600:9000:225... 16509 (AMAZON-02)
10 130.211.115.4 15169 (GOOGLE)
1 2a0c:5c81:513... 55081 (24SHELLS)
2 6 23.37.42.132 16625 (AKAMAI-AS)
2 3 13.248.242.197 16509 (AMAZON-02)
4 4 142.250.186.162 15169 (GOOGLE)
1 1 109.206.161.21 50245 (SERVEREL-AS)
1 69.173.144.138 26667 (RUBICONPR...)
2 2 18.197.249.149 16509 (AMAZON-02)
1 104.16.221.74 13335 (CLOUDFLAR...)
1 104.19.217.61 13335 (CLOUDFLAR...)
5 5 18.196.176.125 16509 (AMAZON-02)
1 79.125.73.87 16509 (AMAZON-02)
2 2 35.212.212.222 15169 (GOOGLE)
1 1 188.34.152.202 24940 (HETZNER-AS)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 5 13.32.99.105 16509 (AMAZON-02)
1 151.101.130.137 54113 (FASTLY)
6 34.193.25.178 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 34.201.197.184 14618 (AMAZON-AES)
2 69.173.144.165 26667 (RUBICONPR...)
4 34.199.127.9 14618 (AMAZON-AES)
1 35.173.4.119 14618 (AMAZON-AES)
19 2.16.186.139 20940 (AKAMAI-ASN1)
1 2 54.93.162.63 16509 (AMAZON-02)
2 2.18.233.180 16625 (AKAMAI-AS)
2 8 2.18.234.21 16625 (AKAMAI-AS)
4 8 185.86.137.114 201081 (SMARTADSE...)
2 185.86.138.16 201081 (SMARTADSE...)
1 185.94.180.124 35220 (SPOTX-AMS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2 52.46.154.242 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 3.208.62.189 14618 (AMAZON-AES)
1 2 34.253.111.115 16509 (AMAZON-02)
1 34.196.245.189 14618 (AMAZON-AES)
1 2 18.213.10.151 14618 (AMAZON-AES)
1 51.89.21.10 16276 (OVH)
216 42
Apex Domain
Subdomains
Transfer
61 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
894 KB
27 bestnewshere.com
bestnewshere.com
420 KB
26 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
1 MB
21 revcontent.com
assets.revcontent.com
trends.revcontent.com
cdn.revcontent.com
img.revcontent.com
images.revcontent.com
259 KB
15 ad-score.com
js.ad-score.com
data.ad-score.com
126 KB
10 smartadserver.com
www9.smartadserver.com
prg.smartadserver.com
6 KB
9 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
22 KB
8 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
9 KB
8 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
201 KB
7 gstatic.com
fonts.gstatic.com
167 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 bidswitch.net
x.bidswitch.net
3 KB
4 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
11 KB
4 doubleclick.net
cm.g.doubleclick.net
758 B
3 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
3 adsrvr.org
match.adsrvr.org
1 KB
2 eqads.com
um2.eqads.com
563 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 advertising.com
pixel.advertising.com
327 B
2 creativecdn.com
creativecdn.com
687 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
755 B
2 360yield.com
ad.360yield.com
614 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 googleapis.com
fonts.googleapis.com
3 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com
71 KB
2 fontawesome.com
use.fontawesome.com
86 KB
1 id5-sync.com
id5-sync.com
534 B
1 advangelists.com
nep.advangelists.com
232 B
1 quantserve.com
pixel.quantserve.com
511 B
1 spotxchange.com
search.spotxchange.com
1 KB
1 splicky.com
bidswitch-eu.splicky.com
218 B
1 pubmine.com
s.pubmine.com
286 B
1 lentainform.com
cm.lentainform.com
495 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 e-volution.ai
sync.e-volution.ai
463 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
884 B
0 Failed
function sub() { [native code] }. Failed
216 38
Domain Requested by
35 s-img.mgid.com jsc.mgid.com
27 bestnewshere.com bestnewshere.com
19 mcd.ex.co player.avplayer.com
11 trends.revcontent.com assets.revcontent.com
10 data.ad-score.com js.ad-score.com
8 www9.smartadserver.com 4 redirects
8 cm.mgid.com jsc.mgid.com
8 cdn.mgid.com jsc.mgid.com
7 images.revcontent.com
7 fonts.gstatic.com fonts.googleapis.com
6 prd-collector-anon.ex.co player.ex.co
5 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
um2.eqads.com
5 sb.scorecardresearch.com 2 redirects jsc.mgid.com
5 x.bidswitch.net 5 redirects
5 js.ad-score.com assets.revcontent.com
js.ad-score.com
4 track1.aniview.com player.aniview.com
4 cm.g.doubleclick.net 4 redirects
4 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
player.aniview.com
4 c.mgid.com jsc.mgid.com
4 jsc.mgid.com bestnewshere.com
jsc.mgid.com
3 match.adsrvr.org 2 redirects ssum.casalemedia.com
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 bcp.crwdcntrl.net 1 redirects ssum.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 prg.smartadserver.com player.aniview.com
2 ssum.casalemedia.com 1 redirects player.aniview.com
2 ads.pubmatic.com player.aniview.com
2 pixel.advertising.com 1 redirects player.aniview.com
2 token.rubiconproject.com eus.rubiconproject.com
2 atrack.avplayer.com
2 player.aniview.com player.ex.co
player.aniview.com
2 creativecdn.com 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 ad.360yield.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 servicer.mgid.com jsc.mgid.com
2 www.google-analytics.com bestnewshere.com
www.google-analytics.com
2 fonts.googleapis.com bestnewshere.com
client
2 netdna.bootstrapcdn.com bestnewshere.com
netdna.bootstrapcdn.com
2 use.fontawesome.com bestnewshere.com
use.fontawesome.com
1 id5-sync.com player.aniview.com
1 sync.aniview.com ssum.casalemedia.com
1 nep.advangelists.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 hbopenbid.pubmatic.com player.aniview.com
1 search.spotxchange.com player.aniview.com
1 premiumsrv.aniview.com player.aniview.com
1 player.avplayer.com player.ex.co
1 player.ex.co bestnewshere.com
1 bidswitch-eu.splicky.com 1 redirects
1 s.pubmine.com
1 cm.lentainform.com
1 cm.idealmedia.io
1 pixel.rubiconproject.com
1 sync.e-volution.ai 1 redirects
1 s.adtelligent.com cm.mgid.com
1 img.revcontent.com
1 cdn.revcontent.com
1 assets.revcontent.com bestnewshere.com
0 sync.adtelligent.com Failed s.adtelligent.com
0 bestnewshere Failed bestnewshere.com
216 63
Subject Issuer Validity Valid
*.bestnewshere.com
R3
2021-08-29 -
2021-11-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
assets.revcontent.com
R3
2021-09-11 -
2021-12-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
revcontent.com
Amazon
2021-08-09 -
2022-09-07
a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2
2021-09-02 -
2022-10-04
a year crt.sh
cdn.revcontent.com
R3
2021-09-13 -
2021-12-12
3 months crt.sh
img.revcontent.com
R3
2021-09-12 -
2021-12-11
3 months crt.sh
images.revcontent.com
R3
2021-09-11 -
2021-12-10
3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2021-10-04 -
2022-01-02
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
s.pubmine.com
Sectigo RSA Domain Validation Secure Server CA
2021-10-15 -
2022-10-30
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2
2020-12-27 -
2022-01-28
a year crt.sh
outstreamedia.com
R3
2021-10-12 -
2022-01-10
3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-02-23 -
2022-02-27
a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2021-07-26 -
2022-01-19
6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2021-03-10 -
2022-03-29
a year crt.sh
s.amazon-adsystem.com
Amazon
2021-07-14 -
2022-06-27
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
um3.eqads.com
Amazon
2021-06-26 -
2022-07-25
a year crt.sh
*.id5-sync.com
R3
2021-10-05 -
2022-01-03
3 months crt.sh

This page contains 13 frames:

Primary Page: https://bestnewshere.com/anyone-for-an-october-surprise/
Frame ID: 4CBEE5AD85475BE12D9F135DFCF1AF58
Requests: 187 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000177
Frame ID: 7766F7A8E3DF37B335939BB7DB8B0585
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000177
Frame ID: 18B6E2943D54BD64F61087784B101B97
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1634769306867241983234
Frame ID: C7798D25EBFD1E8BEFC9C0523AE5D465
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 44109D3F91425E1F3085E9EFD9E1845C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: B52989441C8759657478466955043D40
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: A00920550A46B32237BB761A30C75B0B
Requests: 2 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
Frame ID: 2F7752EE96C7429B1B4F4D58813E277C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D1%26key%3D
Frame ID: 5B21B29C1B2CE0AF200AFBF9C14E85FF
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: EFFC502DE8BEFDE935A062C9E91812A0
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 9927EEE46644E1199BAAED2843D7AC9F
Requests: 3 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: A23F007AC44441F2DE1FFA2D256E72ED
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: C6A901F64C4057885C06224249EB911C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

ANYONE FOR AN OCTOBER SURPRISE? - best news here

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

216
Requests

99 %
HTTPS

20 %
IPv6

38
Domains

63
Subdomains

42
IPs

8
Countries

3594 kB
Transfer

6242 kB
Size

48
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 112
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=79e39cae-5774-4fda-9bd0-573d33d2bacf&ttl=1637361307
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlrNmdmSHZhNHpm&muidn=l9k6gfHva4zf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlrNmdmSHZhNHpm&muidn=l9k6gfHva4zf&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=l9k6gfHva4zf&google_ula={guid},5&google_gid=CAESEIfFmz6OZbITMMQ3gVuPzpQ&google_cver=1
Request Chain 114
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l9k6gfHva4zf HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Request Chain 115
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=4c847682-9314-4ddf-a81a-54d6594ee10e
Request Chain 118
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l9k6gfHva4zf HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l9k6gfHva4zf HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8&ssp_data=&gdpr=&gdpr_consent=
Request Chain 119
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=8f7d0d21-9a7a-4a66-a726-c9ad62ee7dd1
Request Chain 120
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8&gdpr=&gdpr_consent=&us_privacy=
Request Chain 121
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=zIkGf0eprU8hhU5vPgNX&pi=mgid&tc=1
Request Chain 127
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634769307135&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634769307135&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&c9=
Request Chain 128
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634769307138&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634769307138&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&c9=
Request Chain 174
  • https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
Request Chain 176
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 177
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 180
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128525&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=4769307847 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128525&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307847&cklb=1
Request Chain 181
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128526&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=4769307849 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128526&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307849&cklb=1
Request Chain 182
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128528&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=4769307855 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128528&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307855&cklb=1
Request Chain 183
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=913531&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128530&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=4769307855 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=913531&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128530&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307855&cklb=1
Request Chain 195
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXCZm2qeghMDQfZ3IrXojAAABLAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXCZm2qeghMDQfZ3IrXojAAABLAAAAAB&dcc=t
Request Chain 196
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXCZm2qeghMDQfZ3IrXojAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECv5xXsMS3yZ1YgGmZPDdJI&google_cver=1&gdpr=1
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXCZm2qeghMDQfZ3IrXojAAABLAAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB0EJmICO4YJCRZ8CI57Gz0&google_cver=1
Request Chain 199
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=uOjkrbfg6v6j6rKu6Lv--b2_tqSjveX5vL3T1ow4
Request Chain 200
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-fbf961f6-a522-4c31-92e7-52acd2d5ef9f
Request Chain 201
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YXCZm2qeghMDQfZ3IrXojAAA%261200?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YXCZm2qeghMDQfZ3IrXojAAA%261200?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 203
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

216 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bestnewshere.com/anyone-for-an-october-surprise/
50 KB
11 KB
Document
General
Full URL
https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
54985209ff4ddf164fb2b1e07b8de269f1a47f6d4596f0895c57a2189f08f193

Request headers

:method
GET
:authority
bestnewshere.com
:scheme
https
:path
/anyone-for-an-october-surprise/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 20 Oct 2021 22:35:05 GMT
content-type
text/html; charset=UTF-8
content-length
10943
x-pingback
https://bestnewshere.com/xmlrpc.php
link
<https://bestnewshere.com/wp-json/>; rel="https://api.w.org/", <https://bestnewshere.com/wp-json/wp/v2/posts/20912>; rel="alternate"; type="application/json", <https://bestnewshere.com/?p=20912>; rel=shortlink
cache-provider
CLOUDWAYS-CACHE-DC
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 20 Oct 2021 21:53:35 GMT
cache-control
max-age=0
expires
Wed, 20 Oct 2021 21:53:35 GMT
age
2489
x-cache
HIT
accept-ranges
bytes
style.min.css
bestnewshere.com/wp-includes/css/dist/block-library/
79 KB
10 KB
Stylesheet
General
Full URL
https://bestnewshere.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 03:42:57 GMT
server
nginx
etag
W/"60f797c1-13abe"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
scriptlesssocialsharing-style.css
bestnewshere.com/wp-content/plugins/scriptless-social-sharing/includes/css/
2 KB
871 B
Stylesheet
General
Full URL
https://bestnewshere.com/wp-content/plugins/scriptless-social-sharing/includes/css/scriptlesssocialsharing-style.css?ver=3.1.6
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
8cd9d704e6f42c7b473766cd51927ba0a6723b339ff0e1173989f66576d802c5

Request headers

:path
/wp-content/plugins/scriptless-social-sharing/includes/css/scriptlesssocialsharing-style.css?ver=3.1.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:34:46 GMT
server
nginx
etag
W/"6021e6b6-989"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
all.css
use.fontawesome.com/releases/v5.10.2/css/
55 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.10.2/css/all.css?ver=5.10.2
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9167219
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
4MW7A81SS7Y35FVN
x-amz-id-2
6BqxwlCn+jprvaIgUiBbkfj+QNkiC2WmMpm5pxhqxDPyFxOLTvsb4gssg8dSs+evnnizugUL88g=
last-modified
Wed, 30 Jun 2021 15:36:08 GMT
server
cloudflare
etag
W/"164a58dcca37a5b00c22e06ee8e2fc68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtWORHYwnGEJU6r7rdKvAcf4Zqd6mxW%2BtxWVtOPfqfBMBK4aDLEIrijbhgsPAo8A5PtGhgu8m%2BLhyCLp9zDgAWf9F5XFCOWsLnKibm19zwp1%2BiX%2F5jtj%2FhZb%2FM%2BqFJCG0YJ6Yk2e6B290ya%2FPE1nT%2FIO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6a15b79faf506967-FRA
scriptlesssocialsharing-fontawesome.css
bestnewshere.com/wp-content/plugins/scriptless-social-sharing/includes/css/
1007 B
511 B
Stylesheet
General
Full URL
https://bestnewshere.com/wp-content/plugins/scriptless-social-sharing/includes/css/scriptlesssocialsharing-fontawesome.css?ver=3.1.6
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
d298301d93d7cb69af9a377f3f193e22dad1a6e053f3d3826a43813473c9fb32

Request headers

:path
/wp-content/plugins/scriptless-social-sharing/includes/css/scriptlesssocialsharing-fontawesome.css?ver=3.1.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:35:14 GMT
server
nginx
etag
W/"6021e6d2-3ef"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
reset.css
bestnewshere.com/wp-content/themes/flex-mag/css/
1 KB
791 B
Stylesheet
General
Full URL
https://bestnewshere.com/wp-content/themes/flex-mag/css/reset.css?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

:path
/wp-content/themes/flex-mag/css/reset.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:32:02 GMT
server
nginx
etag
W/"6021e612-434"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/
32 KB
7 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 718, 718
age
3601219
cdn-cachedat
2021-06-06 22:32:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2864ffd0c94825b84bce48823a1d5c5b
cf-ray
6a15b79fba57d70d-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
style.css
bestnewshere.com/wp-content/themes/flex-mag/
96 KB
15 KB
Stylesheet
General
Full URL
https://bestnewshere.com/wp-content/themes/flex-mag/style.css?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
cc37f65dc37a6ee1ee6478bdf3fe663b9d7a4e446a584f7eea756f77cb1c128d

Request headers

:path
/wp-content/themes/flex-mag/style.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:34:26 GMT
server
nginx
etag
W/"6021e6a2-181ce"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
style-entertainment.css
bestnewshere.com/wp-content/themes/flex-mag/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://bestnewshere.com/wp-content/themes/flex-mag/css/style-entertainment.css?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
561cd60795008e6d3713619a66f144b405ad565c173e1ecd46a2597c368ab119

Request headers

:path
/wp-content/themes/flex-mag/css/style-entertainment.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:35:33 GMT
server
nginx
etag
W/"6021e6e5-119d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
media-queries.css
bestnewshere.com/wp-content/themes/flex-mag/css/
91 KB
9 KB
Stylesheet
General
Full URL
https://bestnewshere.com/wp-content/themes/flex-mag/css/media-queries.css?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d

Request headers

:path
/wp-content/themes/flex-mag/css/media-queries.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:31:42 GMT
server
nginx
etag
W/"6021e5fe-16af9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
jquery.min.js
bestnewshere.com/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://bestnewshere.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 03:42:57 GMT
server
nginx
etag
W/"60f797c1-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
jquery-migrate.min.js
bestnewshere.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://bestnewshere.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:34:43 GMT
server
nginx
etag
W/"6021e6b3-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
css
fonts.googleapis.com/
50 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ac0db5640e532db9cfce1269ac4cfd681f5a3a17caf28c7baf94a104c9e3618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 22:35:05 GMT
server
ESF
date
Wed, 20 Oct 2021 22:35:05 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 22:35:05 GMT
IMG-9c5ba4442302d594b19b5b9c6c3627a2-V.jpg
bestnewshere.com/wp-content/uploads/2021/05/
13 KB
14 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/05/IMG-9c5ba4442302d594b19b5b9c6c3627a2-V.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
a4fb6e71ff4b3e20ddae588929632b1b0cdb672d0db0d6c1b7c00ffeb63ee098

Request headers

:path
/wp-content/uploads/2021/05/IMG-9c5ba4442302d594b19b5b9c6c3627a2-V.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Fri, 21 May 2021 23:46:13 GMT
server
nginx
etag
"60a84645-355e"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13662
expires
Fri, 19 Nov 2021 22:35:05 GMT
bestnewshere.com.1093798.js
jsc.mgid.com/b/e/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/b/e/bestnewshere.com.1093798.js
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdad60df8833166013b1fbd8750c0e29ba1589f25504a8aba45cfd102356432a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
br
cf-cache-status
HIT
age
6040
last-modified
Wed, 08 Sep 2021 08:00:40 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
MTBFNY4A9YA2GPJT
x-amz-id-2
XFWsqQpU+hSwsx8iZfHbGLzUP3q2/yLPLMFOPDolCTBOIOtl1IPEE0n2X8zDIIEoW3WVbmyofWw=
cf-bgj
minify
server
cloudflare
etag
W/"cdaefd12832d99af031283a6f5877d9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6a15b7a1a89f2bf6-FRA
expires
Thu, 21 Oct 2021 01:35:05 GMT
delivery.js
assets.revcontent.com/master/
370 KB
108 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95a197d77b9034160ff10d2c8fa93a8c08605ca63713a2351449352198562c08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 15:14:25 GMT
server
AmazonS3
x-amz-request-id
H641KSP4DGH10MAF
etag
"15087c64be9ec527cc253021a48c3ff3"
x-hw
1634769305.cds011.fr8.hn,1634769305.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
110120
x-amz-id-2
phbTJl6m9oNVMZ0dYJWlGEo+pDXmt+8OsqUc+aOf0Axz2VRYmO0ZgwaYiubPYsNmdHr2lS4keE8=
bestnewshere.com.1059382.js
jsc.mgid.com/b/e/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/b/e/bestnewshere.com.1059382.js
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a3e2715932cff1dc7d2c5346af3211a3bc24492054b98c194e3978a254eda9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
br
cf-cache-status
HIT
age
6040
last-modified
Fri, 24 Sep 2021 10:45:16 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
F1AGTXJGK0NYDATJ
x-amz-id-2
I0VC2KG3m1nJL1wXA2OpJR1j6+DyF+pOVy5SYm3F0sROtV6fEcAZ7fdQuqwWAgX8TCAYPRa7JQs=
cf-bgj
minify
server
cloudflare
etag
W/"77b672edcce27bae5cd21c19d7112075"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6a15b7a1a8a02bf6-FRA
expires
Thu, 21 Oct 2021 01:35:05 GMT
/
bestnewshere/
0
0

comment-reply.min.js
bestnewshere.com/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://bestnewshere.com/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 03:42:56 GMT
server
nginx
etag
W/"6077b640-ba8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
scripts.js
bestnewshere.com/wp-content/themes/flex-mag/js/
142 KB
33 KB
Script
General
Full URL
https://bestnewshere.com/wp-content/themes/flex-mag/js/scripts.js?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e

Request headers

:path
/wp-content/themes/flex-mag/js/scripts.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:34:31 GMT
server
nginx
etag
W/"6021e6a7-237aa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
retina.min.js
bestnewshere.com/wp-content/themes/flex-mag/js/
1 KB
905 B
Script
General
Full URL
https://bestnewshere.com/wp-content/themes/flex-mag/js/retina.min.js?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
a4b979b136d37e751132c84dfb54d711e029081fa3bb1fa33f2d9150b9f5dd5e

Request headers

:path
/wp-content/themes/flex-mag/js/retina.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:33:16 GMT
server
nginx
etag
W/"6021e65c-564"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
wp-embed.min.js
bestnewshere.com/wp-includes/js/
1 KB
958 B
Script
General
Full URL
https://bestnewshere.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 01:33:43 GMT
server
nginx
etag
W/"6021e677-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
wp-emoji-release.min.js
bestnewshere.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://bestnewshere.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 03:42:57 GMT
server
nginx
etag
W/"60f797c1-4705"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 19 Nov 2021 22:35:05 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
2039
date
Wed, 20 Oct 2021 22:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Thu, 21 Oct 2021 00:01:06 GMT
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/
63 KB
64 KB
Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=5.8.1
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
2139262
cdn-cachedat
2021-04-23 06:27:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
64464
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
371a9b120c43161fea4209ffcea7bcc2
accept-ranges
bytes
cf-ray
6a15b7a1dcfd374a-MXP
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:18:36 GMT
x-content-type-options
nosniff
age
33389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 13:18:36 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v11/
46 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v11/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:09:22 GMT
x-content-type-options
nosniff
age
102343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47452
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:39:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Oct 2022 18:09:22 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:28:30 GMT
x-content-type-options
nosniff
age
395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 22:28:30 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/
73 KB
74 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css?ver=5.10.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d

Request headers

Referer
https://use.fontawesome.com/releases/v5.10.2/css/all.css?ver=5.10.2
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221355
cf-ray
6a15b7a1ddc93755-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74524
x-amz-id-2
LrExo7d2kJ1ZidUEQS855dz2Fse90lbPTvFE7HTMHbJqp+X1VUsbdqG89uq4TkvhhsfV+gYe7rI=
last-modified
Wed, 30 Jun 2021 15:36:28 GMT
server
cloudflare
etag
"3e1b2a654a784ceb385157140b4ccd71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn7g3%2FEjLZBhkYQx31NySz9BP5%2FjNAPT31ieq0YgT17nn%2BKg7aKpAWbGZmDC6RcUmNuzcOIji7n3AK%2BlB0wpb%2Bmf%2FVYqo%2FlDXT89jOHz2mZpzvy5umGO2wfGMHd50gftF5xnr6BCO5EJdZR%2Bre8p8FDB"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
BN2R0XFJDR1GBE8N
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 04:13:08 GMT
x-content-type-options
nosniff
age
152517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:13:08 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 06:39:46 GMT
x-content-type-options
nosniff
age
316519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Oct 2022 06:39:46 GMT
950BF790-4A3D-4F65-A731-93E2CFFCE272.jpeg
bestnewshere.com/wp-content/uploads/2021/10/
64 KB
64 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/10/950BF790-4A3D-4F65-A731-93E2CFFCE272.jpeg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
bc42741b9da166d17ee97dc8a84762a7cee1d6fc7bf73cc66b923452b1ff381e

Request headers

:path
/wp-content/uploads/2021/10/950BF790-4A3D-4F65-A731-93E2CFFCE272.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Wed, 20 Oct 2021 21:51:46 GMT
server
nginx
etag
"61708f72-ff67"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
65383
expires
Fri, 19 Nov 2021 22:35:05 GMT
JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Work+Sans:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 08:45:40 GMT
x-content-type-options
nosniff
age
136165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:45:40 GMT
download-1024x768-1-300x180.jpg
bestnewshere.com/wp-content/uploads/2021/08/
8 KB
9 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/08/download-1024x768-1-300x180.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
fdcd99bbf5f9f20b5da56aa30fd21e0dfff93aa85041ca0e2d64acebae05d8dd

Request headers

:path
/wp-content/uploads/2021/08/download-1024x768-1-300x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Tue, 31 Aug 2021 16:06:07 GMT
server
nginx
etag
"612e536f-21d6"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8662
expires
Fri, 19 Nov 2021 22:35:05 GMT
0-32-1024x596-1-300x180.jpg
bestnewshere.com/wp-content/uploads/2021/07/
11 KB
11 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/07/0-32-1024x596-1-300x180.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
ba44c5137390df2bc9d79cf9404ac497d9f71e494605b69c0d020c58b3361b80

Request headers

:path
/wp-content/uploads/2021/07/0-32-1024x596-1-300x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Fri, 23 Jul 2021 21:43:05 GMT
server
nginx
etag
"60fb37e9-2c7a"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11386
expires
Fri, 19 Nov 2021 22:35:05 GMT
download-6-300x180.jpg
bestnewshere.com/wp-content/uploads/2021/07/
13 KB
13 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/07/download-6-300x180.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
75f693739105932866d638973167a2aadbf6b144f5f7dda0378e76811c54110c

Request headers

:path
/wp-content/uploads/2021/07/download-6-300x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Sun, 19 Sep 2021 01:30:48 GMT
server
nginx
etag
"614692c8-3274"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12916
expires
Fri, 19 Nov 2021 22:35:05 GMT
MOSHED-2020-3-1-23-48-48-300x180.gif
bestnewshere.com/wp-content/uploads/2021/08/
7 KB
7 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/08/MOSHED-2020-3-1-23-48-48-300x180.gif
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
e70db3da0c050d6d7612679670a1dfc348b03258f47c4733aa91c05040ef720c

Request headers

:path
/wp-content/uploads/2021/08/MOSHED-2020-3-1-23-48-48-300x180.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Wed, 04 Aug 2021 22:51:16 GMT
server
nginx
etag
"610b19e4-1d0a"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7434
expires
Fri, 19 Nov 2021 22:35:05 GMT
EC0F2BGYFYfx1VKdJYhVO34v_640x360-300x180.jpg
bestnewshere.com/wp-content/uploads/2021/10/
19 KB
19 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/10/EC0F2BGYFYfx1VKdJYhVO34v_640x360-300x180.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
28efb04ddbd534b09556412478e3005a130458f8c7b5bfd08b66e81402565f8e

Request headers

:path
/wp-content/uploads/2021/10/EC0F2BGYFYfx1VKdJYhVO34v_640x360-300x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Fri, 01 Oct 2021 23:05:15 GMT
server
nginx
etag
"6157942b-4a11"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18961
expires
Fri, 19 Nov 2021 22:35:05 GMT
gatesevil-300x180.jpg
bestnewshere.com/wp-content/uploads/2021/08/
10 KB
10 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/08/gatesevil-300x180.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
8d0b14361233d8598e0d95b3a77c1eb5a8d5c08460fd5b6c576abe311b45ca39

Request headers

:path
/wp-content/uploads/2021/08/gatesevil-300x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Sun, 01 Aug 2021 13:57:00 GMT
server
nginx
etag
"6106a82c-27c1"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10177
expires
Fri, 19 Nov 2021 22:35:05 GMT
supreme-300x180.jpg
bestnewshere.com/wp-content/uploads/2021/08/
14 KB
14 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/08/supreme-300x180.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
e1efa8100f2570d82eb360d1a3e3df4c21156c334de60ea5f9b31c256104ae04

Request headers

:path
/wp-content/uploads/2021/08/supreme-300x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Sat, 28 Aug 2021 21:47:43 GMT
server
nginx
etag
"612aaeff-367a"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13946
expires
Fri, 19 Nov 2021 22:35:05 GMT
2021_05_11-03_02-redvoicemedia-6099f3ad10f42-300x180.jpg
bestnewshere.com/wp-content/uploads/2021/08/
9 KB
9 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/08/2021_05_11-03_02-redvoicemedia-6099f3ad10f42-300x180.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
2693dcfcc1e50b77339d9e35787df24b602dd75031aab5cf48b44e608a41c9be

Request headers

:path
/wp-content/uploads/2021/08/2021_05_11-03_02-redvoicemedia-6099f3ad10f42-300x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Wed, 25 Aug 2021 21:41:59 GMT
server
nginx
etag
"6126b927-23b2"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9138
expires
Fri, 19 Nov 2021 22:35:05 GMT
A201E62B-ADDA-4298-A674-C30BB3C155E7-300x180.png
bestnewshere.com/wp-content/uploads/2021/07/
114 KB
114 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/07/A201E62B-ADDA-4298-A674-C30BB3C155E7-300x180.png
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
b648e7e768f328dce7418e520792240c34c50a7a2fbe5d4cb5afb5d5118391c6

Request headers

:path
/wp-content/uploads/2021/07/A201E62B-ADDA-4298-A674-C30BB3C155E7-300x180.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Fri, 30 Jul 2021 08:41:58 GMT
server
nginx
etag
"6103bb56-1c67a"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
116346
expires
Fri, 19 Nov 2021 22:35:05 GMT
download-5-225x180.jpg
bestnewshere.com/wp-content/uploads/2021/08/
11 KB
11 KB
Image
General
Full URL
https://bestnewshere.com/wp-content/uploads/2021/08/download-5-225x180.jpg
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.118.2 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.118.2.vultr.com
Software
nginx /
Resource Hash
8439e31d7109df82a296d3303bcc14884b3e031e77f57505ba4a84af7d257979

Request headers

:path
/wp-content/uploads/2021/08/download-5-225x180.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bestnewshere.com
referer
https://bestnewshere.com/anyone-for-an-october-surprise/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/anyone-for-an-october-surprise/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
last-modified
Wed, 25 Aug 2021 21:52:54 GMT
server
nginx
etag
"6126bbb6-2c87"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11399
expires
Fri, 19 Nov 2021 22:35:05 GMT
bestnewshere.com.1093798.es6.js
jsc.mgid.com/b/e/
233 KB
65 KB
Script
General
Full URL
https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4c64b7984222a3a8958d3daf6981d8958a955c3bd44aeb810efaa9a95652a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
br
cf-cache-status
HIT
age
6040
last-modified
Wed, 08 Sep 2021 08:00:40 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
HSFHDYNDQ9R1WZK6
x-amz-id-2
wku7xYYPBc0JVgbLhdglD2S8zFgHqA2mlLzuHvhRdvQi8Sc6iDaa0yUEafV6ZtwWsCmxvMjuYm4=
cf-bgj
minify
server
cloudflare
etag
W/"64333148ec637451ad3cab481a5b6756"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6a15b7a1c9192bf6-FRA
expires
Thu, 21 Oct 2021 01:35:05 GMT
bestnewshere.com.1059382.es6.js
jsc.mgid.com/b/e/
233 KB
64 KB
Script
General
Full URL
https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d86593830013f58b612782822c18b4c475983868c0fd6637793d6bef1f7f09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:05 GMT
content-encoding
br
cf-cache-status
HIT
age
6573
last-modified
Fri, 24 Sep 2021 10:45:16 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
M09PHMKEGV4DB8RB
x-amz-id-2
AwCc3Hjkb3IFr+LG4BbY/47zhof71h5wOKbtsWGijI+fF/hLkCik6dwfOJKJ2gVcKaXYR6C+lCs=
cf-bgj
minify
server
cloudflare
etag
W/"c064b63e46e3c6805569f00906f6183a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6a15b7a1fc715364-FRA
expires
Thu, 21 Oct 2021 01:35:05 GMT
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1949237155&t=pageview&_s=1&dl=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&ul=en-us&de=UTF-8&dt=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=442355969&gjid=2045340462&cid=1160229335.1634769306&tid=UA-77201563-5&_gid=1627089869.1634769306&_r=1&_slc=1&z=130935276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trends.revcontent.com/api/demand/
52 B
266 B
Fetch
General
Full URL
https://trends.revcontent.com/api/demand/?w=184305
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
trends.revcontent.com/api/demand/
52 B
266 B
Fetch
General
Full URL
https://trends.revcontent.com/api/demand/?w=182780
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
trends.revcontent.com/api/delivery/
25 KB
10 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=182780&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&icr_url=&va=0&time=1634769306100&up=pc&bn=chrome&bv=93&widget_width=1021&style_id=0
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
6bc43a9d793fccdf595b551fb1a5efa4e789ae12e5c1d40306bb4ba68cd6543b
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://bestnewshere.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
10263
/
trends.revcontent.com/api/delivery/
8 KB
4 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=184305&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&icr_url=&va=0&time=1634769306103&up=pc&bn=chrome&bv=93&widget_width=1021&style_id=0
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
3736cc3f1afd4fd6a3e5ccbb97e33c04dd5931742b88885be058a487fe612492
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://bestnewshere.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
3827
/
c.mgid.com/pv/
0
280 B
Script
General
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1634769306167677085453&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&lu=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&sessionId=6170999a-164ec&pageView=1&pvid=17c9fd8023896fb453e&site=663986&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a15b7a3ebf42bf6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
HIT
age
4885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a15b7a40c162bf6-FRA
expires
Thu, 21 Oct 2021 22:35:06 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
904 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a15b7a40c142bf6-FRA
expires
Thu, 21 Oct 2021 22:35:06 GMT
impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
score.min.js
js.ad-score.com/
309 KB
106 KB
Script
General
Full URL
https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
32c594d95353e4d911c17fe4c12f5c7a27d5e7906424bd65fece533eecc0679b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:04:22 GMT
Content-Encoding
gzip
Age
1844
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 20 Oct 2021 22:04:22 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P2
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
yBJEsNPrzBehhmWIn7wl-FhxfFWLAN2EWYUXry8_vGtRKK73TJ5WVA==
Expires
Thu, 21 Oct 2021 22:04:22 GMT
rc-logo.png
cdn.revcontent.com/assets/img/
4 KB
4 KB
Image
General
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
last-modified
Mon, 13 Sep 2021 19:23:45 GMT
etag
"1631561025"
x-hw
1634769306.cds165.fr8.hn,1634769306.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10460
accept-ranges
bytes
content-length
4298
impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
/
img.revcontent.com/
20 KB
20 KB
Image
General
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1634769306.cds163.fr8.hn,1634769306.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
MGID_plus.svg
cdn.mgid.com/images/logos/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
HIT
age
4885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a15b7a48fdc5364-FRA
expires
Thu, 21 Oct 2021 22:35:06 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a15b7a48fdd5364-FRA
expires
Thu, 21 Oct 2021 22:35:06 GMT
15270160711449093928.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
10 KB
10 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15270160711449093928.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
9cb65209fa8e6bf6a9507aa0f584f3d97c9eb17cb60d20b24bf5ec7f6e80503f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:16:23 GMT
server
Cloudinary
etag
"5f796f6bf75c83f950655f80e8166b52"
strict-transport-security
max-age=604800
x-hw
1634769306.cds065.lo4.hn,1634769306.cds231.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=97;cpu=1;start=2021-05-06T14:16:33.835Z;desc=miss,rtt;dur=0,cloudinary;dur=18;start=2021-05-06T14:16:33.874Z
accept-ranges
bytes
timing-allow-origin
*
content-length
10185
cors
data.ad-score.com/data/
50 B
719 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=bf73e405e23c0c74f044c8e6&pm_pl=1634769306370&pm_td=9&pid=1000177&en=1.1&callback=__pm_glbl_k97gVP29iLvm7B2f6ii7P9YI._gc1&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
63c5d8eff84836667125a54ccde8207d43eb34bb6eda0b9b95b285bad4418f8f

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:06 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://bestnewshere.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 7766
16 KB
8 KB
Document
General
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
57ff9e01654f1afd4da2b427fb4cc8bdffc81eb63aee1cd4973eca79d7d67117

Request headers

Host
js.ad-score.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestnewshere.com/
Accept-Encoding
gzip, deflate, br
Cookie
token=YenpgZqCuQsEm-853v-WiPCBuuEhMuJB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 22:00:56 GMT
Date
Wed, 20 Oct 2021 22:04:22 GMT
X-Cache
Hit from cloudfront
Via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
X-Amz-Cf-Id
YzHIogHn7RkIm7z6_zECjNvDCQQlDXspmmeE_S2wNeUdECeLlIeJZg==
Age
1844
cors
data.ad-score.com/data/
50 B
719 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=ff05ac960c770baf32030b51&pm_pl=1634769306438&pm_td=4&pid=1000177&en=1.1&callback=__pm_glbl_oWwx8e1cIE2fOUezio3xkNpx._gc1&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
ad0413684ba2711b6a00df4bd73835f209a97ba73870f4502f5c3359c14133c6

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:06 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://bestnewshere.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 18B6
16 KB
8 KB
Document
General
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
57ff9e01654f1afd4da2b427fb4cc8bdffc81eb63aee1cd4973eca79d7d67117

Request headers

Host
js.ad-score.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestnewshere.com/
Accept-Encoding
gzip, deflate, br
Cookie
token=YenpgZqCuQsEm-853v-WiPCBuuEhMuJB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 22:00:56 GMT
Date
Wed, 20 Oct 2021 22:04:22 GMT
X-Cache
Hit from cloudfront
Via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
X-Amz-Cf-Id
AU6xhwULMNEod-iM8NzqLk76v1DbjIxNx_-W_nDudMdXts-06JYwVw==
Age
1844
cors
data.ad-score.com/data/
1 B
272 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=bf73e405e23c0c74f044c8e6&pm_pl=1634769306370&pm_td=102&pid=1000177&en=1.1&callback=__pm_glbl_k97gVP29iLvm7B2f6ii7P9YI._gc2&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
61027467e6cd92-22113721.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
19 KB
19 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61027467e6cd92-22113721.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d999a5f50fde956ed9e790e9da936ddea4c663dfaded50fa5de4d50ba3e5dcb4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 18:43:19 GMT
server
Cloudinary
etag
"5b18d5bc800b6d516118eb9c891deab6"
strict-transport-security
max-age=604800
x-hw
1634769306.cds065.lo4.hn,1634769306.cds101.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=1;start=2021-07-29T19:18:32.322Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
19119
61027081a2ba24-72394810.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
19 KB
19 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61027081a2ba24-72394810.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
98ffa43839a9d6b9b6973ddbf6c68b8cf0d9a542d7ad794a0e93cc62f724294d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 18:43:19 GMT
server
Cloudinary
etag
"5ad913f05d421a37df3bf0e43926ba6b"
strict-transport-security
max-age=604800
x-hw
1634769306.cds065.lo4.hn,1634769306.cds247.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=1;cpu=0;start=2021-10-18T07:38:53.126Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
19157
61027c668b5568-19385253.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
13 KB
13 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61027c668b5568-19385253.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
628948e608154b1dc916d8be3064033b3d8546c1d32ee326924d1dd2b01dcfcd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 18:43:18 GMT
server
Cloudinary
etag
"c160c2e9cae8b358fbf93ea90e934cea"
strict-transport-security
max-age=604800
x-hw
1634769306.cds065.lo4.hn,1634769306.cds231.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=1;start=2021-10-11T10:35:09.153Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
13388
610275aab16c19-44512895.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
23 KB
23 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/610275aab16c19-44512895.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7755d364b0c1834e7e0e54286183cdcb3e75c31229c1f3989bd4183d37094683
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 18:43:19 GMT
server
Cloudinary
etag
"6a946014d0ba84a18c205082678d9129"
strict-transport-security
max-age=604800
x-hw
1634769306.cds065.lo4.hn,1634769306.cds097.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=0;start=2021-07-29T19:11:36.447Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
23709
6123fe2c075678-87773733.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
15 KB
15 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/6123fe2c075678-87773733.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
63186d14140620adb8e9886076790ef578fa00e273cb7a6e4e24eb46a9665206
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Aug 2021 21:37:48 GMT
server
Cloudinary
etag
"2ba429f1fb09fd12f1e6174d7b61dadc"
strict-transport-security
max-age=604800
x-hw
1634769306.cds065.lo4.hn,1634769306.cds250.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=166;cpu=1;start=2021-08-25T23:07:54.044Z;desc=miss,rtt;dur=0,cloudinary;dur=86;start=2021-08-25T23:07:54.084Z
accept-ranges
bytes
timing-allow-origin
*
content-length
15269
15783481871754702877.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
12 KB
12 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15783481871754702877.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
61f6d054b1b2e3d1a07f0918e6ccc6c88ff308d6ddb3d7b45c6d1ef66fb59b9c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:18:28 GMT
server
Cloudinary
etag
"6bd58784f3a0efb679dcdd18398fd2c2"
strict-transport-security
max-age=604800
x-hw
1634769306.cds065.lo4.hn,1634769306.cds281.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=97;cpu=1;start=2021-07-29T00:21:58.915Z;desc=miss,rtt;dur=0,cloudinary;dur=16;start=2021-07-29T00:21:58.955Z
accept-ranges
bytes
timing-allow-origin
*
content-length
12475
cors
data.ad-score.com/data/
1 B
272 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=ff05ac960c770baf32030b51&pm_pl=1634769306438&pm_td=108&pid=1000177&en=1.1&callback=__pm_glbl_oWwx8e1cIE2fOUezio3xkNpx._gc2&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
widget-ssp-performance
c.mgid.com/
43 B
399 B
Image
General
Full URL
https://c.mgid.com/widget-ssp-performance?time=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a15b7a65a7a5364-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x.html
js.ad-score.com/ Frame 7766
0
564 B
XHR
General
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.ad-score.com/x.html?pid=1000177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:04:22 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 20 Oct 2021 22:00:56 GMT
Age
1844
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA60-P2
Accept-Ranges
bytes
X-Amz-Cf-Id
auC7gmB5qpQ2yCYCYDNk2vazSNW2WdnrDc1EbKucl5CuCqZP1ZtArw==
Via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
x.html
js.ad-score.com/ Frame 18B6
0
564 B
XHR
General
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.ad-score.com/x.html?pid=1000177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:04:22 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 20 Oct 2021 22:00:56 GMT
Age
1844
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA60-P2
Accept-Ranges
bytes
X-Amz-Cf-Id
6YfmJZnkH5WuD4pmFsE9-bKCn-Pi_HacKcT6CaERm_M7tliNm7roOw==
Via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
1
servicer.mgid.com/1093798/
2 KB
1 KB
Script
General
Full URL
https://servicer.mgid.com/1093798/1?pv=5&cbuster=1634769306685664894646&niet=4g&nisd=false&jsv=es6&w=1021&h=321&p3_w=330&p3_h=275&maxw_3=330&maxh_3=275&cols=3&ref=&cxurl=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&lu=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&sessionId=6170999a-164ec&pageView=1&pvid=17c9fd8023896fb453e&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5061e2bb84928d7ec05c8b0d9201ff849c791c42cd75ff0dc32f808dc85520d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a15b7a7384c2bf6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cors
data.ad-score.com/data/
1 B
272 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=bf73e405e23c0c74f044c8e6&pm_pl=1634769306370&pm_td=346&pid=1000177&en=1.1&callback=__pm_glbl_k97gVP29iLvm7B2f6ii7P9YI._gc3&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
generic
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
generic
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
cors
data.ad-score.com/data/
1 B
272 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=ff05ac960c770baf32030b51&pm_pl=1634769306438&pm_td=322&pid=1000177&en=1.1&callback=__pm_glbl_oWwx8e1cIE2fOUezio3xkNpx._gc3&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:07 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
widget-ssp-performance
c.mgid.com/
43 B
399 B
Image
General
Full URL
https://c.mgid.com/widget-ssp-performance?time=76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a15b7a79c165364-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
generic
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:06 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
MGID_plus.svg
cdn.mgid.com/images/logos/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
HIT
age
4885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a15b7a7bc6c5364-FRA
expires
Thu, 21 Oct 2021 22:35:06 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a15b7a7bc715364-FRA
expires
Thu, 21 Oct 2021 22:35:06 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2JlNjdlNjc5OWY4Y2Y4ZjBkZTMxNzAzODdiZWFmZTMwLmpwZWc.webp
s-img.mgid.com/g/4023134/492x328/0x54x551x367/
20 KB
20 KB
Image
General
Full URL
https://s-img.mgid.com/g/4023134/492x328/0x54x551x367/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2JlNjdlNjc5OWY4Y2Y4ZjBkZTMxNzAzODdiZWFmZTMwLmpwZWc.webp?v=1634769306-fCkdJqNUJHp2_OAd4qqt3Rpv1jBDedAQpMqyO-9H3eM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d822263292e9ce8b95fd2dce87d01aa21f3ce55ea4386e5a5135dd60243fa6

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:19 GMT
x-mg-request-uuid
6cbea2ea-461f-4846-991e-229c924417db
age
1025032
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a7ebed1f55-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20116
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjljY2MzODFkZGQxN2ZkNjNkYjY1MzVhMDlmN2ZlLmpwZWc.webp
s-img.mgid.com/g/3944302/492x328/0x32x960x640/
26 KB
26 KB
Image
General
Full URL
https://s-img.mgid.com/g/3944302/492x328/0x32x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjljY2MzODFkZGQxN2ZkNjNkYjY1MzVhMDlmN2ZlLmpwZWc.webp?v=1634769306-D6DWIZB3PB-C9TT6Rg8P8cZbGyifJcsta-uWX4vVN-U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91150b0d3b6de9177291a591510d6fc452a88a04fec25bf8af114f1d9a23669b

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:18 GMT
x-mg-request-uuid
af5ef771-a081-42bb-aab5-5fbd89b46bd7
age
1092551
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a7ebf11f55-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26216
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC9mOTY0MWE2ZDhhNTQ5OTBhN...
s-img.mgid.com/g/10881014/492x328/-/
12 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/10881014/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC9mOTY0MWE2ZDhhNTQ5OTBhNWExMWY0M2M5YmVmNDk3ZC5qcGc.webp?v=1634769306-TJHLyxdrwyd-03aRMKx2Mp6F9iJmoq4B6mI4vG899dc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0c5636f9e7fb4b9d13319620fe4cb1b487d44aa099ae7e87a99202d392e042

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:45:45 GMT
x-mg-request-uuid
3c97180b-3014-4c35-9c2f-088025f56280
age
1314957
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a7ebf01f55-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12074
server
cloudflare
1
servicer.mgid.com/1059382/
11 KB
4 KB
Script
General
Full URL
https://servicer.mgid.com/1059382/1?w=1021&h=2926&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=1634769306794818041910&uniqId=17426&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&lu=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&sessionId=6170999a-164ec&pageView=0&pvid=17c9fd8023896fb453e&implVersion=11&dpr=1&muid=l9k6gfHva4zf
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3681ef809d5146d36519dd7777493c9e0a0d3fc042a723939395e28ba1cdbfce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a15b7a7cc805364-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i.js
cm.mgid.com/
2 KB
1 KB
Script
General
Full URL
https://cm.mgid.com/i.js?&cbuster=1634769306837943129127
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca8d861b9c2503521278a5bb27f79d2049719ca59d8b480be6f5dc7ab11a1d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a15b7a819782bf6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame C779
19 B
147 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1634769306867241983234
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a15b7a839a62bf6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
HIT
age
4885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a15b7a86d535364-FRA
expires
Thu, 21 Oct 2021 22:35:06 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6a15b7a86d545364-FRA
expires
Thu, 21 Oct 2021 22:35:06 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp
s-img.mgid.com/g/4060554/492x277/96x0x866x577/
12 KB
13 KB
Image
General
Full URL
https://s-img.mgid.com/g/4060554/492x277/96x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp?v=1634769306-7322IzhXRZnEgJGRAOPmOwYyLir7FR0XR5X4fac66PY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2dfd7a27afa30a9e61ee23665d9da71751c73091371a408555c925aac758d4

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:00 GMT
x-mg-request-uuid
b8168c4d-b59a-4729-ba69-db284011b4c5
age
1668238
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cb1177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12328
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2VmNjc3ZmFjNTNjYTk5MzAwMTI2NTM4OTIyYzkwN2ZlLmpwZWc.webp
s-img.mgid.com/g/8052382/492x277/0x31x564x376/
9 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/8052382/492x277/0x31x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2VmNjc3ZmFjNTNjYTk5MzAwMTI2NTM4OTIyYzkwN2ZlLmpwZWc.webp?v=1634769306-Sd_YH7f-QWxELcoGrlqL8XZBznnuy3dqwIbUqLOqnkE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13952e1d11d70ff5ed875fbe819832c117facb968748949982760ef9453f87ed

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:01 GMT
x-mg-request-uuid
a2b8eb4a-f00b-4b54-a4ed-7fbc92deab30
age
1670378
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cb9177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9724
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp
s-img.mgid.com/g/3839411/492x277/16x0x600x400/
9 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/3839411/492x277/16x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp?v=1634769306-Q98j5QKkduQdMZWMHkNiuDxlDmBHWz6RgCHYbPwblZs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a106181135228dbb43b59b3c68c405082aad982152b401a27d902ced7f3f03

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:41 GMT
x-mg-request-uuid
ce9a96a8-d0d7-4df1-a880-1e346323a501
age
1667435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cb7177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9602
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw.webp
s-img.mgid.com/g/3944301/492x277/0x0x900x600/
37 KB
38 KB
Image
General
Full URL
https://s-img.mgid.com/g/3944301/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw.webp?v=1634769306-_N_FXWzyRdKHErwMwfE3VgA6j3PRez3kMsb8WyaQ8Iw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443ae740fe8356c17d751a26eadec94e0ffce6ebe1de5f28b6cc822906731b83

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid
e1f440bd-ad36-455c-8ea2-c1cc3fd90034
age
1669243
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cbb177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38384
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzI4YTYyMjU4NjU0MThhYjVmNTlkODI3ODkxZjQzZDU2LmpwZWc.webp
s-img.mgid.com/g/8052394/492x277/0x115x616x410/
12 KB
13 KB
Image
General
Full URL
https://s-img.mgid.com/g/8052394/492x277/0x115x616x410/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzI4YTYyMjU4NjU0MThhYjVmNTlkODI3ODkxZjQzZDU2LmpwZWc.webp?v=1634769306-Fq9czCL8EmqW4jl9G7fxtfDJJ7Bn6S6XBL_E8hG2AAU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5840a4a93220918e09eacd0552609c1548f265f7e5317ca4acbc133d05eba38

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:36 GMT
x-mg-request-uuid
6b834111-ba41-4017-813d-286b39ff5c19
age
1669942
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cbc177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12708
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.mgid.com/g/8052388/492x277/0x0x672x448/
21 KB
21 KB
Image
General
Full URL
https://s-img.mgid.com/g/8052388/492x277/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1634769306-ermlG-FdcKskj86SZBU_2mx7ytwp2tycnNH4i6MTVmk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:23 GMT
x-mg-request-uuid
11e56744-851f-457c-bd44-90ac7e902d80
age
1669202
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cbe177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21064
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY.webp
s-img.mgid.com/g/3805572/492x277/0x0x492x328/
19 KB
20 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805572/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY.webp?v=1634769306-wg6BX1_mmlZHcZ2yNJeMs3r_9qydz-BgJFVBXWl79yg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3508051126ffa97486178f29ba4cb0e214c9c8a02f438815caae6b001b9b388

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:22 GMT
x-mg-request-uuid
c594a860-5f67-4fb6-be1e-ce15bcbe2cab
age
1669202
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cc1177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19440
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/
21 KB
21 KB
Image
General
Full URL
https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1634769306-q9xgzZNEf9RmDPVSERzdNvlzMyFTT6Ss-oEhN1fpl3E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:14 GMT
x-mg-request-uuid
5f37a82a-22ff-4ef1-8074-aa4d41092ef7
age
1669243
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cc3177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21168
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzRiMTM2NDcxMGQwMzUyZDcwZWExMjkzY2YyZGZmY2E4LmpwZWc.webp
s-img.mgid.com/g/3885445/492x277/0x208x531x354/
12 KB
13 KB
Image
General
Full URL
https://s-img.mgid.com/g/3885445/492x277/0x208x531x354/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzRiMTM2NDcxMGQwMzUyZDcwZWExMjkzY2YyZGZmY2E4LmpwZWc.webp?v=1634769306-rVh-6kkAc82h6O464au22VMzUw1RSq8GuJ5vUZTdpD0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847b4a71be4f5fb44b11922ada485c3b8cfdcd4edc8c964e42078132f7461965

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:27:29 GMT
x-mg-request-uuid
4fa3513a-bdd7-49e8-b88a-b023ce29cd90
age
193036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cc5177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12224
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/
28 KB
28 KB
Image
General
Full URL
https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1634769306-hi8UdkLhhW7pp8DTPviixNJD3yvvTOfp_s6-umXHJSo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:20 GMT
x-mg-request-uuid
3cf8c321-e78d-445b-87e7-92d45fe51fb8
age
1670378
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cc8177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28600
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZ...
s-img.mgid.com/g/10881001/492x277/-/
48 KB
49 KB
Image
General
Full URL
https://s-img.mgid.com/g/10881001/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZjRhZmMwYTI2YzRhMjY0MzAuanBn.webp?v=1634769306-dIXyWnFa49cIy3isKx8yya0pQLznHIHPNmfBAd3n1Cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5acbf914f2595cc6287123aaf0b7285e2852b79226c114f4031a714b07fdd27

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:47:02 GMT
x-mg-request-uuid
4c904a5f-cda4-4390-aa14-a0e86e910466
age
1322227
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cc9177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49206
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxY...
s-img.mgid.com/g/10839610/492x277/-/
33 KB
34 KB
Image
General
Full URL
https://s-img.mgid.com/g/10839610/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxYTY0N2JiYTU5YjFiMTc4YjIuanBlZw.webp?v=1634769306-KuPxYIvbxiHxx49VlFKFbOJSJ42UIiEAmH1Gn8WdGrM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:30:05 GMT
x-mg-request-uuid
f436bb5b-5b78-4f53-ac58-edf29bbdfde0
age
1661028
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cce177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33936
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp
s-img.mgid.com/g/8052393/492x277/0x20x598x398/
24 KB
24 KB
Image
General
Full URL
https://s-img.mgid.com/g/8052393/492x277/0x20x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1634769306-fAThD4ivPJlONFJrR0vsGTQFkn-eUIPdZfO7jWXPyOU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046ad44961dd3c757f140b3b5b62d716e7f5b0c9c82c5cd638f4e9ba888f90d8

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:22:56 GMT
x-mg-request-uuid
b85c8f73-b7e0-43db-ab99-d400deaaf785
age
1670214
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cb2177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24380
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp
s-img.mgid.com/g/3805577/492x277/0x25x1024x682/
31 KB
32 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805577/492x277/0x25x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp?v=1634769306-idOsFJTDbNflNH8B2XLl3Vjn5Y3_H4O_aYnjp2ThTAM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec51bd18a66799977faa6b2bca45b99fd240e6a1f7a8a9848d08fe20d0e5b52a

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:05 GMT
x-mg-request-uuid
49adb6e9-693e-457e-aa71-f2accd31022f
age
1669234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cb3177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31768
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.mgid.com/g/6288128/492x277/0x155x900x600/
7 KB
7 KB
Image
General
Full URL
https://s-img.mgid.com/g/6288128/492x277/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1634769306-EQwa14QANhvyjv4gQ41A_ITiVXrll-FJaHcXEs31-fM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c629c6d440f89b1c6f4e779729d71074ae8869b60a6361dcafca5d5e70550879

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:06 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:01 GMT
x-mg-request-uuid
c031dc98-41ef-4d8c-aaf8-ce6cd7dec014
age
1670384
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a87cb5177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6884
server
cloudflare
sync.html
s.adtelligent.com/ Frame 4410
1 KB
884 B
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1634769306837943129127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestnewshere.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 20 Oct 2021 22:35:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://bestnewshere.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame B529
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1634769306837943129127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestnewshere.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=79e39cae-5774-4fda-9bd0-573d33d2bacf&ttl=1637361307
43 B
481 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=79e39cae-5774-4fda-9bd0-573d33d2bacf&ttl=1637361307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a15b7aa0f5e5364-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=79e39cae-5774-4fda-9bd0-573d33d2bacf&ttl=1637361307
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlrNmdmSHZhNHpm&muidn=l9k6gfHva4zf
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDlrNmdmSHZhNHpm&muidn=l9k6gfHva4zf&google_tc=
  • https://cm.mgid.com/google?muidn=l9k6gfHva4zf&google_ula={guid},5&google_gid=CAESEIfFmz6OZbITMMQ3gVuPzpQ&google_cver=1
0
376 B
Image
General
Full URL
https://cm.mgid.com/google?muidn=l9k6gfHva4zf&google_ula={guid},5&google_gid=CAESEIfFmz6OZbITMMQ3gVuPzpQ&google_cver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a15b7a9cf0f5364-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l9k6gfHva4zf&google_ula={guid},5&google_gid=CAESEIfFmz6OZbITMMQ3gVuPzpQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l9k6gfHva4zf
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:07 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=4c847682-9314-4ddf-a81a-54d6594ee10e
43 B
465 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=665953&c=4c847682-9314-4ddf-a81a-54d6594ee10e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a15b7a90e125364-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=4c847682-9314-4ddf-a81a-54d6594ee10e
date
Wed, 20 Oct 2021 22:35:07 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
cm.idealmedia.io/setmuidn/
0
412 B
Image
General
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l9k6gfHva4zf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a15b7a8f8ce085f-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
/
cm.lentainform.com/setmuidn/
0
495 B
Image
General
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l9k6gfHva4zf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a15b7a8f8ac32ac-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
match
s.pubmine.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l9k6gfHva4zf
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l9k6gfHva4zf
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8&ssp_data=&gdpr=&gdpr_consent=
43 B
286 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8&ssp_data=&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

Location
//s.pubmine.com/match?bidder_id=1&external_user_id=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8&ssp_data=&gdpr=&gdpr_consent=
Date
Wed, 20 Oct 2021 22:35:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=8f7d0d21-9a7a-4a66-a726-c9ad62ee7dd1
43 B
497 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=287839&c=8f7d0d21-9a7a-4a66-a726-c9ad62ee7dd1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a15b7ad3c1d5364-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=8f7d0d21-9a7a-4a66-a726-c9ad62ee7dd1
date
Wed, 20 Oct 2021 22:35:07 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8
  • https://cm.mgid.com/m?cdsp=433145&c=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8&gdpr=&gdpr_consent=&us_privacy=
43 B
481 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=433145&c=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a15b7a9ff4e5364-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 20 Oct 2021 22:35:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=zIkGf0eprU8hhU5vPgNX&pi=mgid&tc=1
43 B
481 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=501037&c=zIkGf0eprU8hhU5vPgNX&pi=mgid&tc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6a15b7a9cf0b5364-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=zIkGf0eprU8hhU5vPgNX&pi=mgid&tc=1
pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT, Wed, 20 Oct 2021 22:35:07 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:12:33 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
72691
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
f01IAXmmSlm5w66OvR3c5-uguhrSfcy4uax808pjMah8QTaHi5qTVA==
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2JlNjdlNjc5OWY4Y2Y4ZjBkZTMxNzAzODdiZWFmZTMwLmpwZWc.webp
s-img.mgid.com/g/4023134/492x328/0x54x551x367/
20 KB
20 KB
Image
General
Full URL
https://s-img.mgid.com/g/4023134/492x328/0x54x551x367/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2JlNjdlNjc5OWY4Y2Y4ZjBkZTMxNzAzODdiZWFmZTMwLmpwZWc.webp?v=1634769306-fCkdJqNUJHp2_OAd4qqt3Rpv1jBDedAQpMqyO-9H3eM
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d822263292e9ce8b95fd2dce87d01aa21f3ce55ea4386e5a5135dd60243fa6

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:19 GMT
x-mg-request-uuid
6cbea2ea-461f-4846-991e-229c924417db
age
1025033
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a8cd25177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20116
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjljY2MzODFkZGQxN2ZkNjNkYjY1MzVhMDlmN2ZlLmpwZWc.webp
s-img.mgid.com/g/3944302/492x328/0x32x960x640/
26 KB
26 KB
Image
General
Full URL
https://s-img.mgid.com/g/3944302/492x328/0x32x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjljY2MzODFkZGQxN2ZkNjNkYjY1MzVhMDlmN2ZlLmpwZWc.webp?v=1634769306-D6DWIZB3PB-C9TT6Rg8P8cZbGyifJcsta-uWX4vVN-U
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91150b0d3b6de9177291a591510d6fc452a88a04fec25bf8af114f1d9a23669b

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:18 GMT
x-mg-request-uuid
af5ef771-a081-42bb-aab5-5fbd89b46bd7
age
1092552
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a8cd2d177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26216
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC9mOTY0MWE2ZDhhNTQ5OTBhN...
s-img.mgid.com/g/10881014/492x328/-/
12 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/10881014/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC9mOTY0MWE2ZDhhNTQ5OTBhNWExMWY0M2M5YmVmNDk3ZC5qcGc.webp?v=1634769306-TJHLyxdrwyd-03aRMKx2Mp6F9iJmoq4B6mI4vG899dc
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1093798.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0c5636f9e7fb4b9d13319620fe4cb1b487d44aa099ae7e87a99202d392e042

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:45:45 GMT
x-mg-request-uuid
3c97180b-3014-4c35-9c2f-088025f56280
age
1314958
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7a8cd31177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12074
server
cloudflare
245ce5fa-079e-4387-881a-f3b9d27be08e
player.ex.co/player/
656 KB
195 KB
Script
General
Full URL
https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Requested by
Host: bestnewshere.com
URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
02d815369c5d72d7729fc453e52be1eeba7baf79a61b8a3e17c2e7cbe231720f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
gzip
age
12497
x-cache
HIT, HIT
access-control-max-age
600
content-length
198961
x-served-by
cache-dca17734-DCA, cache-hhn4053-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1634769307.139169,VS0,VE1
etag
W/"a3f08-CKmciwTggmGz7OGk95MxUQBU4tQ"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 1
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634769307135&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere....
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634769307135&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634769307135&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
OZ6eEEdcK70b4f5eXT6YbFg-6oEN7nLTI_xE7hhh16G-V2BUeI-2SQ==

Redirect headers

date
Wed, 20 Oct 2021 22:35:07 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634769307135&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&c9=
content-length
263
x-amz-cf-id
yvNvsnkmhYNX34-5GXFK0yKJqXzBsEXZspdJKUnayKl0WiHVZ9KHlQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1634769307138&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere....
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634769307138&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634769307138&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
aBur8eG9YpBhEYK6eft_5NRHlzQiRof8QscWNWAAsAblpz0YMpghjw==

Redirect headers

date
Wed, 20 Oct 2021 22:35:07 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1634769307138&ns_c=UTF-8&cv=3.5&c8=ANYONE%20FOR%20AN%20OCTOBER%20SURPRISE%3F%20-%20best%20news%20here&c7=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&c9=
content-length
263
x-amz-cf-id
RsXMoOB6ksonlNiFo3yaXJOSjIkcDVcHLJ9z58BAGom1CsNMgTKNmw==
usync.js
eus.rubiconproject.com/ Frame B529
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9022
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Thu, 21 Oct 2021 01:05:29 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp
s-img.mgid.com/g/4060554/492x277/96x0x866x577/
12 KB
13 KB
Image
General
Full URL
https://s-img.mgid.com/g/4060554/492x277/96x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp?v=1634769306-7322IzhXRZnEgJGRAOPmOwYyLir7FR0XR5X4fac66PY
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2dfd7a27afa30a9e61ee23665d9da71751c73091371a408555c925aac758d4

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:00 GMT
x-mg-request-uuid
b8168c4d-b59a-4729-ba69-db284011b4c5
age
1668239
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0ea9177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12328
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2VmNjc3ZmFjNTNjYTk5MzAwMTI2NTM4OTIyYzkwN2ZlLmpwZWc.webp
s-img.mgid.com/g/8052382/492x277/0x31x564x376/
9 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/8052382/492x277/0x31x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2VmNjc3ZmFjNTNjYTk5MzAwMTI2NTM4OTIyYzkwN2ZlLmpwZWc.webp?v=1634769306-Sd_YH7f-QWxELcoGrlqL8XZBznnuy3dqwIbUqLOqnkE
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13952e1d11d70ff5ed875fbe819832c117facb968748949982760ef9453f87ed

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:01 GMT
x-mg-request-uuid
a2b8eb4a-f00b-4b54-a4ed-7fbc92deab30
age
1670379
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eab177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9724
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp
s-img.mgid.com/g/3839411/492x277/16x0x600x400/
9 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/3839411/492x277/16x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp?v=1634769306-Q98j5QKkduQdMZWMHkNiuDxlDmBHWz6RgCHYbPwblZs
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a106181135228dbb43b59b3c68c405082aad982152b401a27d902ced7f3f03

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:41 GMT
x-mg-request-uuid
ce9a96a8-d0d7-4df1-a880-1e346323a501
age
1667436
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eac177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9602
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzI4YTYyMjU4NjU0MThhYjVmNTlkODI3ODkxZjQzZDU2LmpwZWc.webp
s-img.mgid.com/g/8052394/492x277/0x115x616x410/
12 KB
13 KB
Image
General
Full URL
https://s-img.mgid.com/g/8052394/492x277/0x115x616x410/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzI4YTYyMjU4NjU0MThhYjVmNTlkODI3ODkxZjQzZDU2LmpwZWc.webp?v=1634769306-Fq9czCL8EmqW4jl9G7fxtfDJJ7Bn6S6XBL_E8hG2AAU
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5840a4a93220918e09eacd0552609c1548f265f7e5317ca4acbc133d05eba38

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:36 GMT
x-mg-request-uuid
6b834111-ba41-4017-813d-286b39ff5c19
age
1669943
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eae177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12708
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.mgid.com/g/8052388/492x277/0x0x672x448/
21 KB
21 KB
Image
General
Full URL
https://s-img.mgid.com/g/8052388/492x277/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1634769306-ermlG-FdcKskj86SZBU_2mx7ytwp2tycnNH4i6MTVmk
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:23 GMT
x-mg-request-uuid
11e56744-851f-457c-bd44-90ac7e902d80
age
1669203
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eaf177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21064
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY.webp
s-img.mgid.com/g/3805572/492x277/0x0x492x328/
19 KB
20 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805572/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY.webp?v=1634769306-wg6BX1_mmlZHcZ2yNJeMs3r_9qydz-BgJFVBXWl79yg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3508051126ffa97486178f29ba4cb0e214c9c8a02f438815caae6b001b9b388

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:22 GMT
x-mg-request-uuid
c594a860-5f67-4fb6-be1e-ce15bcbe2cab
age
1669203
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eb1177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19440
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/
21 KB
21 KB
Image
General
Full URL
https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1634769306-q9xgzZNEf9RmDPVSERzdNvlzMyFTT6Ss-oEhN1fpl3E
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:14 GMT
x-mg-request-uuid
5f37a82a-22ff-4ef1-8074-aa4d41092ef7
age
1669244
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eb4177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21168
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzRiMTM2NDcxMGQwMzUyZDcwZWExMjkzY2YyZGZmY2E4LmpwZWc.webp
s-img.mgid.com/g/3885445/492x277/0x208x531x354/
12 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/3885445/492x277/0x208x531x354/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzRiMTM2NDcxMGQwMzUyZDcwZWExMjkzY2YyZGZmY2E4LmpwZWc.webp?v=1634769306-rVh-6kkAc82h6O464au22VMzUw1RSq8GuJ5vUZTdpD0
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847b4a71be4f5fb44b11922ada485c3b8cfdcd4edc8c964e42078132f7461965

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:27:29 GMT
x-mg-request-uuid
4fa3513a-bdd7-49e8-b88a-b023ce29cd90
age
193037
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eb6177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12224
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/
28 KB
28 KB
Image
General
Full URL
https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1634769306-hi8UdkLhhW7pp8DTPviixNJD3yvvTOfp_s6-umXHJSo
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:20 GMT
x-mg-request-uuid
3cf8c321-e78d-445b-87e7-92d45fe51fb8
age
1670379
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eb7177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28600
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZ...
s-img.mgid.com/g/10881001/492x277/-/
48 KB
49 KB
Image
General
Full URL
https://s-img.mgid.com/g/10881001/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZjRhZmMwYTI2YzRhMjY0MzAuanBn.webp?v=1634769306-dIXyWnFa49cIy3isKx8yya0pQLznHIHPNmfBAd3n1Cc
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5acbf914f2595cc6287123aaf0b7285e2852b79226c114f4031a714b07fdd27

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:47:02 GMT
x-mg-request-uuid
4c904a5f-cda4-4390-aa14-a0e86e910466
age
1322228
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eb8177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49206
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxY...
s-img.mgid.com/g/10839610/492x277/-/
33 KB
34 KB
Image
General
Full URL
https://s-img.mgid.com/g/10839610/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxYTY0N2JiYTU5YjFiMTc4YjIuanBlZw.webp?v=1634769306-KuPxYIvbxiHxx49VlFKFbOJSJ42UIiEAmH1Gn8WdGrM
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:30:05 GMT
x-mg-request-uuid
f436bb5b-5b78-4f53-ac58-edf29bbdfde0
age
1661029
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0eba177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33936
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp
s-img.mgid.com/g/8052393/492x277/0x20x598x398/
24 KB
24 KB
Image
General
Full URL
https://s-img.mgid.com/g/8052393/492x277/0x20x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1634769306-fAThD4ivPJlONFJrR0vsGTQFkn-eUIPdZfO7jWXPyOU
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046ad44961dd3c757f140b3b5b62d716e7f5b0c9c82c5cd638f4e9ba888f90d8

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:22:56 GMT
x-mg-request-uuid
b85c8f73-b7e0-43db-ab99-d400deaaf785
age
1670215
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0ebc177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24380
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp
s-img.mgid.com/g/3805577/492x277/0x25x1024x682/
31 KB
32 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805577/492x277/0x25x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp?v=1634769306-idOsFJTDbNflNH8B2XLl3Vjn5Y3_H4O_aYnjp2ThTAM
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec51bd18a66799977faa6b2bca45b99fd240e6a1f7a8a9848d08fe20d0e5b52a

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:05 GMT
x-mg-request-uuid
49adb6e9-693e-457e-aa71-f2accd31022f
age
1669235
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0ebd177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31768
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.mgid.com/g/6288128/492x277/0x155x900x600/
7 KB
7 KB
Image
General
Full URL
https://s-img.mgid.com/g/6288128/492x277/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1634769306-EQwa14QANhvyjv4gQ41A_ITiVXrll-FJaHcXEs31-fM
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/bestnewshere.com.1059382.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c629c6d440f89b1c6f4e779729d71074ae8869b60a6361dcafca5d5e70550879

Request headers

Referer
https://bestnewshere.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:01 GMT
x-mg-request-uuid
c031dc98-41ef-4d8c-aaf8-ce6cd7dec014
age
1670385
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6a15b7aa0ebe177e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6884
server
cloudflare
events
prd-collector-anon.ex.co/main/
0
136 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-25-178.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:07 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/
2 KB
646 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 21:26:17 GMT
server
ESF
date
Wed, 20 Oct 2021 22:35:07 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 22:35:07 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/
247 KB
71 KB
Script
General
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzXaMNrb_qmTb8FvOI8rtyw5Klcl86amG3BhAgB5ru7giatCZYZIc-lLAetv3TKcTaEuAs3GCtFCgLTc4XiTKyTprFnOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 20 Oct 2021 22:40:07 GMT
truncated
/
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
385 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
237 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
238 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
240 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame A009
361 KB
102 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4be248af2533387777c0841dbe22c2da3d19217cee48ae7c68063ba2966f1d77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds-YtlbBJv2QJARUbxWzAzMVWCcXYWe7En0xUNaKmOAn8G1zzpH98c8yGFCVmdULL8nqDY9vumr90FBk2C_qHg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
103423
last-modified
Wed, 13 Oct 2021 06:17:51 GMT
server
UploadServer
etag
"e88cbf5213e55dde489911c70aa5ec91"
vary
Accept-Encoding
x-goog-hash
crc32c=4L5KPg==, md5=6Iy/UhPlXd5ImRHHCqXskQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1634105871199372
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
103423
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 20 Oct 2021 22:40:07 GMT
events
prd-collector-anon.ex.co/main/
0
136 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-25-178.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:07 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
prd-collector-anon.ex.co/main/
0
137 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-25-178.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:07 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/
0
71 B
Image
General
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1634769307273&cid=614af84d5fb982486400cf4d&VERSION=4.86.6&AV_PAGE_LOAD_UID=c823c769-1e71-49cd-8c0d-55729de5e678&AV_CDIM4=c823c769-1e71-49cd-8c0d-55729de5e678&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-197-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestnewshere.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
191250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 17:27:37 GMT
csync
sync.adtelligent.com/ Frame 4410
0
0

khaos.jpg
token.rubiconproject.com/ Frame B529
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?r=bestnewshere.com&sn=&cd4=c823c769-1e71-49cd-8c0d-55729de5e678&cd5=default&ic=0&tgt=0&app=&wi=680&he=383&test=&d36=6.1.2.78&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=614af84d5fb982486400cf4d&stagid=&stplid=&e=inventory&vi=0&cb=1634769307426
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.127.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-127-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/
20 KB
4 KB
XHR
General
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.86.6&AV_PAGE_LOAD_UID=c823c769-1e71-49cd-8c0d-55729de5e678&AV_CDIM4=c823c769-1e71-49cd-8c0d-55729de5e678&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=614af84d5fb982486400cf4d&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=bestnewshere.com&AV_DADPOS=3&d36=6.1.2.78&responsive=1&avtoken=307425&AV_WIDTH=680&AV_HEIGHT=383&AV_DNT=0&cb=1634769307481
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.4.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-4-119.compute-1.amazonaws.com
Software
/
Resource Hash
1581fe8034dbb292b9cd285a7fd0afc97eddadda0606ee1a4a242a70aa36db80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 09 Oct 2021 08:48:27 GMT
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/
651 B
1 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
fb60128e57c39484c0597ad80131cfdbee334f3fd284cdfd490cb29a3aa43028

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Last-Modified
Wed, 20 Oct 2021 15:27:07 GMT
Server
cloudinary
X-Timer
S1634743652.110469,VS0,VE31
ETag
"8e0ee5365a6d03d970fbf25a363daef6"
X-Served-By
cache-wdc5575-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31531867
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
651
X-Cache-Hits
0
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1634743602/
1 KB
2 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
47e102271931c05433fce182d0c355ddc9c1f4f015d559e256d93546762f9215

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Last-Modified
Wed, 20 Oct 2021 15:26:57 GMT
Server
cloudinary
X-Timer
S1634743992.389127,VS0,VE1
ETag
"65b0391e0155280157c5e90bb46e6af3"
X-Served-By
cache-wdc5562-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532287
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1218
X-Cache-Hits
1
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1634743602/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Protocol
HTTP/1.1
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://bestnewshere.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1634743602/
39 KB
39 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
da6803ffceefb2e47f643cb2b17bb1cac41a29492066417aa60880bac3c4ff8b

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-39479

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Content-Range
bytes 0-39479/720416
Connection
keep-alive
Content-Length
39480
X-Served-By
cache-wdc5576-WDC
Last-Modified
Wed, 20 Oct 2021 15:26:55 GMT
Server
cloudinary
X-Timer
S1634743993.915083,VS0,VE1
ETag
"589936567d17721e06013becf55209b5"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532217
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
000152d8-ff8e-4363-bcbf-d35f18001f05
https://bestnewshere.com/
63 KB
0
Other
General
Full URL
blob:https://bestnewshere.com/000152d8-ff8e-4363-bcbf-d35f18001f05
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/
1 KB
2 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
078d03d494d06e9b3eb1bdd43f1520a3a5c11295ae6b650f0f86b0241bd67e67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Last-Modified
Wed, 20 Oct 2021 15:27:06 GMT
Server
cloudinary
X-Timer
S1634743652.280994,VS0,VE46
ETag
"82ad95fdc91c4b84689fbb9bfba91f7c"
X-Served-By
cache-wdc5575-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532019
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1227
X-Cache-Hits
0
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/
57 KB
58 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ae18de62aa2789e41ccff7bd5e3f8050d536deaad2b9a9ce4adfea08013f8c69

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-58467

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Content-Range
bytes 0-58467/1427860
Connection
keep-alive
Content-Length
58468
X-Served-By
cache-wdc5562-WDC
Last-Modified
Wed, 20 Oct 2021 15:27:05 GMT
Server
cloudinary
X-Timer
S1634744376.822511,VS0,VE1
ETag
"c46fd1924948cba265f07fdf428ba780"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532743
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Protocol
HTTP/1.1
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://bestnewshere.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Protocol
HTTP/1.1
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://bestnewshere.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/
157 KB
157 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
afb61bed4b90cc22d6fba77d271a4bcc6c9da7a10cec1db83d045ac99765c821

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=58468-218831

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Content-Range
bytes 58468-218831/1427860
Connection
keep-alive
Content-Length
160364
X-Served-By
cache-wdc5562-WDC
Last-Modified
Wed, 20 Oct 2021 15:27:05 GMT
Server
cloudinary
X-Timer
S1634744376.822511,VS0,VE1
ETag
"c46fd1924948cba265f07fdf428ba780"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532743
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/
0
136 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-25-178.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:07 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
sync
pixel.advertising.com/ups/58195/ Frame 2F77
Redirect Chain
  • https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
0
0
Document
General
Full URL
https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.162.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-162-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bestnewshere.com/
accept-encoding
gzip, deflate, br
cookie
APID=UPfa64c7bf-31f5-11ec-a684-061e8962b018
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000

Redirect headers

date
Wed, 20 Oct 2021 22:35:07 GMT
content-length
0
location
https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
strict-transport-security
max-age=31536000
set-cookie
APID=UPfa64c7bf-31f5-11ec-a684-061e8962b018;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Fri, 21-Oct-2022 22:35:07 GMT;Secure;SameSite=None
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5B21
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D1%26key%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bestnewshere.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=42803
expires
Thu, 21 Oct 2021 10:28:30 GMT
date
Wed, 20 Oct 2021 22:35:07 GMT
vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame EFFC
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
01a3331cf59a543d988b3300e7b4b9a43a50b2ac75b96b6dd68cb65182cf3212

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestnewshere.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YXCZm2qeghMDQfZ3IrXojAAA; CMPS=5206
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|81|195|221|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1816
Expires
Wed, 20 Oct 2021 22:35:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:08 GMT
Connection
keep-alive
Set-Cookie
CMID=YXCZm2qeghMDQfZ3IrXojAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 22:35:07 GMT CMPS=5206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 22:35:07 GMT CMPRO=1200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 22:35:07 GMT CMRUM3=dd6170999b2760&516170999b05a0&c36170999b05a00&e66170999b2760&f16170999b05a0&2d6170999b05a0&286170999b05a00&276170999b0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 22:35:07 GMT CMST=YXCZm2FwmZsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Oct 2021 22:35:07 GMT

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 20 Oct 2021 22:35:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Set-Cookie
CMID=YXCZm2qeghMDQfZ3IrXojAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 22:35:07 GMT CMPS=5206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 22:35:07 GMT
usync.html
eus.rubiconproject.com/ Frame 9927
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestnewshere.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
events
prd-collector-anon.ex.co/main/
0
136 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-25-178.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:07 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame A009
303 KB
95 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ac7b9f46edcec0a88c11c18bf0a08879953bfd042486c0a2a7c58426df25088c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduZw_i5ti7yyLKbGdH9e-AJSyuIrZowyBkvpjZIzG5xPvNYPc7k0NfjV4IddG3zqY2hEr64JKpFnz7rIG1wp5Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
96232
last-modified
Wed, 13 Oct 2021 06:16:58 GMT
server
UploadServer
etag
"ad7ef38cf13e26516d10222fcdb4ead3"
vary
Accept-Encoding
x-goog-hash
crc32c=vtLYAw==, md5=rX7zjPE+JlFtECIvzbTq0w==
content-language
en
access-control-allow-origin
*
x-goog-generation
1634105818129804
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
96232
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 20 Oct 2021 22:40:07 GMT
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128525&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-f...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128525&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-f...
129 B
514 B
XHR
General
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128525&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307847&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128525&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307847&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128526&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-f...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128526&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-f...
129 B
519 B
XHR
General
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128526&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307849&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128526&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307849&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128528&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-f...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128528&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-f...
129 B
514 B
XHR
General
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128528&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307855&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128528&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307855&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=913531&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128530&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-fo...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=913531&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128530&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-fo...
129 B
519 B
XHR
General
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=913531&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128530&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307855&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:07 GMT
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=913531&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=197528038666128530&pgdomain=https%3A%2F%2Fbestnewshere.com%2Fanyone-for-an-october-surprise%2F&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=4769307855&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bestnewshere.com&rs=bestnewshere.com&sid=52089&t=1634769307&cip=185.232.23.184&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=680&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1634769307815-937596263743-008893-013-000898&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.78&cb=19752803866&cd1=4.86.6&cd4=c823c769-1e71-49cd-8c0d-55729de5e678&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=614af84d5fb982486400cf4d&e=request&cb=1634769307857&asid=611a29c7e08a46473c4fc745%2C5c18de8528a061035b671e18%2C5f8c4fcaf3eefc7b4d24fc09%2C5ee3d57071193a26344a4076%2C60254eaaea2c62223814f756%2C5fa2711a54dbb238c9289f7d%2C5fa2a98bba80693a416064d7%2C5eae8e6f8ba53f19af36ed1c%2C5c18de8b073ef432d306911b%2C6033b5166ce17d3480761314%2C5b1d079c073ef4676d0569ca&ofpr=%2C%2C%2C%2C1%2C2%2C%2C3%2C%2C2%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.127.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-127-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.js
eus.rubiconproject.com/ Frame 9927
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9022
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Thu, 21 Oct 2021 01:05:29 GMT
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/
95 KB
95 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
dc211d208330e3b774e4490b2731de6e6f003f2cd15dfff8dc563f425fd941e3

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=218832-316027

Response headers

Date
Wed, 20 Oct 2021 22:35:07 GMT
Content-Range
bytes 218832-316027/1427860
Connection
keep-alive
Content-Length
97196
X-Served-By
cache-wdc5562-WDC
Last-Modified
Wed, 20 Oct 2021 15:27:05 GMT
Server
cloudinary
X-Timer
S1634744376.822511,VS0,VE1
ETag
"c46fd1924948cba265f07fdf428ba780"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532743
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Protocol
HTTP/1.1
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://bestnewshere.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 20 Oct 2021 22:35:07 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
v1
prg.smartadserver.com/prebid/
171 B
544 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
309622
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/309622?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Oct 2021 22:35:08 GMT
X-SpotX-Timing-Transform
0.000473
X-SpotX-Timing-SpotMarket
0.009512
X-SpotX-Timing-Page-Mux
0.000866
X-SpotX-Timing-Page-Require
0.000284
X-fe
047
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000035
X-SpotX-Timing-Page
0.014065
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000283
Last-Modified
Wed, 20 Oct 2021 22:35:08 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.009512
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://bestnewshere.com
X-SpotX-Timing-Page-Misc
0.002599
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
prg.smartadserver.com/prebid/
171 B
549 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://bestnewshere.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
translator
hbopenbid.pubmatic.com/
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
khaos.jpg
token.rubiconproject.com/ Frame 9927
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
c
c.mgid.com/
43 B
441 B
Image
General
Full URL
https://c.mgid.com/c?f=1&pv=3&v=330|285|8|CAVOElMzmLuYyo27dGo9pO0o-SSKJswSmiKJfXGEuMLLgW4htOtDje9eBfomHsfy&fw=1&extjs=66044&v=330|285|8|CAVOElMzmLuYyo27dGo9pMftmZESXl0LgAcbye4BZAkpqrCg_3TWo_y_Fld56e-W&v=330|285|40|CAVOElMzmLuYyo27dGo9pBAQs7dvlEMduFUOOCI22XHQKLRCU5SaSBXZSOlgwTae&cid=1093798&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=f9b5e28f-31f5-11ec-8ccc-2cea7f875b01&tt=Direct&iv=11&pageImp=1&pvid=17c9fd8023896fb453e&muid=l9k6gfHva4zf&cbuster=1634769308120340040105&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
19dee568-3e12-4156-ac2b-2313c5757715
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a15b7b01f995364-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
PugMaster
image6.pubmatic.com/AdServer/ Frame 5B21
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32975630&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:08 GMT
content-length
0
dcm
s.amazon-adsystem.com/ Frame EFFC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXCZm2qeghMDQfZ3IrXojAAABLAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXCZm2qeghMDQfZ3IrXojAAABLAAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXCZm2qeghMDQfZ3IrXojAAABLAAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9HE5448S6FXVE8ZJDP9K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HN7J5THH08WP3G20HXEX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXCZm2qeghMDQfZ3IrXojAAABLAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EFFC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXCZm2qeghMDQfZ3IrXojAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECv5xXsMS3yZ1YgGmZPDdJI&google_cver=1&gdpr=1
43 B
1001 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECv5xXsMS3yZ1YgGmZPDdJI&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Oct 2021 22:35:08 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECv5xXsMS3yZ1YgGmZPDdJI&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EFFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXCZm2qeghMDQfZ3IrXojAAABLAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB0EJmICO4YJCRZ8CI57Gz0&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB0EJmICO4YJCRZ8CI57Gz0&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 20 Oct 2021 22:35:08 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB0EJmICO4YJCRZ8CI57Gz0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EFFC
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame EFFC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=uOjkrbfg6v6j6rKu6Lv--b2_tqSjveX5vL3T1ow4
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=uOjkrbfg6v6j6rKu6Lv--b2_tqSjveX5vL3T1ow4
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Oct 2021 22:35:08 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=uOjkrbfg6v6j6rKu6Lv--b2_tqSjveX5vL3T1ow4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EFFC
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-fbf961f6-a522-4c31-92e7-52acd2d5ef9f
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-fbf961f6-a522-4c31-92e7-52acd2d5ef9f
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Oct 2021 22:35:08 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-fbf961f6-a522-4c31-92e7-52acd2d5ef9f
date
Wed, 20 Oct 2021 22:35:08 GMT
server
Apache-Coyote/1.1
content-length
0
tpid=YXCZm2qeghMDQfZ3IrXojAAA%261200
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame EFFC
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YXCZm2qeghMDQfZ3IrXojAAA%261200?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YXCZm2qeghMDQfZ3IrXojAAA%261200?gdpr_consent=&us_privacy=&gdpr=1
49 B
738 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YXCZm2qeghMDQfZ3IrXojAAA%261200?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.163
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 22:35:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YXCZm2qeghMDQfZ3IrXojAAA%261200?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.8.244
content-length
0
expires
0
cookiesyncendpoint
sync.aniview.com/ Frame EFFC
0
234 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1634769307815-937596263743-008893-013-000898&biddername=42&key=YXCZm2qeghMDQfZ3IrXojAAA%261200
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.245.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-245-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:08 GMT
content-length
0
cs&eq_cc=1
um2.eqads.com/um/ Frame A23F
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634769307815-937596263743-008893-013-000898%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-10-151.compute-1.amazonaws.com
Software
/
Resource Hash
904a9436afe5f423cd1d3d0207fbf06f656124828c341c40a939f20fe514ae2d

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum.casalemedia.com/
accept-encoding
gzip, deflate, br
cookie
EQUser=UID=ef373f5e-77cc-4f2d-8c43-4af44314fd6a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/

Response headers

date
Wed, 20 Oct 2021 22:35:08 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 20 Oct 2021 22:35:08 GMT
pragma
no-cache

Redirect headers

date
Wed, 20 Oct 2021 22:35:08 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=ef373f5e-77cc-4f2d-8c43-4af44314fd6a; Path=/; Domain=eqads.com; Expires=Thu, 20 Jan 2022 22:35:08 GMT; Secure; SameSite=None
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/
211 KB
211 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
118889179898e53e739e05af175a48ba756b88cfab97a78de740617903a5bde0

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=316028-531663

Response headers

Date
Wed, 20 Oct 2021 22:35:08 GMT
Content-Range
bytes 316028-531663/1427860
Connection
keep-alive
Content-Length
215636
X-Served-By
cache-wdc5562-WDC
Last-Modified
Wed, 20 Oct 2021 15:27:05 GMT
Server
cloudinary
X-Timer
S1634744376.822511,VS0,VE1
ETag
"c46fd1924948cba265f07fdf428ba780"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532742
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Protocol
HTTP/1.1
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://bestnewshere.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 20 Oct 2021 22:35:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bestnewshere.com&rs=bestnewshere.com&sid=52089&t=1634769307&cip=185.232.23.184&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=680&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1634769307815-937596263743-008893-013-000898&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.78&cb=19752803866&cd1=4.86.6&cd4=c823c769-1e71-49cd-8c0d-55729de5e678&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=614af84d5fb982486400cf4d&e=bid&cb=1634769308172&asid=5f8c4fcaf3eefc7b4d24fc09%2C5ee3d57071193a26344a4076%2C5fa2a98bba80693a416064d7&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.127.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-127-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/
138 KB
139 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3eb6b782f24df017571d820a54f09464c9099c3032bf8db5260e52d914a87634

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=531664-673227

Response headers

Date
Wed, 20 Oct 2021 22:35:08 GMT
Content-Range
bytes 531664-673227/1427860
Connection
keep-alive
Content-Length
141564
X-Served-By
cache-wdc5562-WDC
Last-Modified
Wed, 20 Oct 2021 15:27:05 GMT
Server
cloudinary
X-Timer
S1634744376.822511,VS0,VE1
ETag
"c46fd1924948cba265f07fdf428ba780"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532742
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Protocol
HTTP/1.1
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://bestnewshere.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 20 Oct 2021 22:35:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/
122 KB
123 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
f4474673754b15f9d44685ef051e2955cf440fdb3237d76dabdacd4bca522926

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=673228-798623

Response headers

Date
Wed, 20 Oct 2021 22:35:08 GMT
Content-Range
bytes 673228-798623/1427860
Connection
keep-alive
Content-Length
125396
X-Served-By
cache-wdc5562-WDC
Last-Modified
Wed, 20 Oct 2021 15:27:05 GMT
Server
cloudinary
X-Timer
S1634744376.822511,VS0,VE1
ETag
"c46fd1924948cba265f07fdf428ba780"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532742
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Protocol
HTTP/1.1
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://bestnewshere.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 20 Oct 2021 22:35:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
crum
dsum-sec.casalemedia.com/ Frame A23F
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=ef373f5e-77cc-4f2d-8c43-4af44314fd6a&expiration=1642718108
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 22:35:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Oct 2021 22:35:08 GMT
371.json
id5-sync.com/g/v2/
213 B
534 B
XHR
General
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.10 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p24.id5-sync.com
Software
/
Resource Hash
aa085f47d6bd2b0785174ebb392195f194af83e9201f4d9f789b3c5560593ef6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:03 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6A9
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=158901
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bestnewshere.com/
accept-encoding
gzip, deflate, br
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=42802
expires
Thu, 21 Oct 2021 10:28:30 GMT
date
Wed, 20 Oct 2021 22:35:08 GMT
vary
Accept-Encoding
events
prd-collector-anon.ex.co/main/
0
136 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/245ce5fa-079e-4387-881a-f3b9d27be08e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-25-178.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://bestnewshere.com
date
Wed, 20 Oct 2021 22:35:09 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/
0
70 B
Image
General
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1634769309820&cid=614af84d5fb982486400cf4d&VERSION=4.86.6&AV_PAGE_LOAD_UID=c823c769-1e71-49cd-8c0d-55729de5e678&AV_CDIM4=c823c769-1e71-49cd-8c0d-55729de5e678&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.197.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-197-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestnewshere.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:35:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Protocol
HTTP/1.1
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://bestnewshere.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 20 Oct 2021 22:35:11 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/
204 KB
204 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1634743602/landscape2b36ddea-86cd-48fb-a467-7b124cb84bc4_1634742844056.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
2105e9523902cfa9b86246198c36ee19330c5c73b74b6f3f5f9adf87d98463f9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=798624-1007303

Response headers

Date
Wed, 20 Oct 2021 22:35:11 GMT
Content-Range
bytes 798624-1007303/1427860
Connection
keep-alive
Content-Length
208680
X-Served-By
cache-wdc5562-WDC
Last-Modified
Wed, 20 Oct 2021 15:27:05 GMT
Server
cloudinary
X-Timer
S1634744376.822511,VS0,VE1
ETag
"c46fd1924948cba265f07fdf428ba780"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31532739
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?r=bestnewshere.com&sn=&cd4=c823c769-1e71-49cd-8c0d-55729de5e678&cd5=default&ic=0&tgt=0&app=&wi=680&he=383&test=&d36=6.1.2.78&apppkg=&fv=3&proto=https
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.127.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-127-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Oct 2021 22:35:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
cors
data.ad-score.com/data/
1 B
272 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=bf73e405e23c0c74f044c8e6&pm_pl=1634769306370&pm_td=6699&pid=1000177&en=1.1&callback=__pm_glbl_k97gVP29iLvm7B2f6ii7P9YI._gc4&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:13 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
272 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=ff05ac960c770baf32030b51&pm_pl=1634769306438&pm_td=6636&pid=1000177&en=1.1&callback=__pm_glbl_oWwx8e1cIE2fOUezio3xkNpx._gc4&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:13 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
272 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=bf73e405e23c0c74f044c8e6&pm_pl=1634769306370&pm_td=6947&pid=1000177&en=1.1&callback=__pm_glbl_k97gVP29iLvm7B2f6ii7P9YI._gc5&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:13 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
272 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=ZcCNBzzquPAtHOMKYVZdLcTEpvppdHPc-FE7fPshldVrlKDkf03vOFUvH-E0zCOMphbFbkNA==&pm_ct=ff05ac960c770baf32030b51&pm_pl=1634769306438&pm_td=6923&pid=1000177&en=1.1&callback=__pm_glbl_oWwx8e1cIE2fOUezio3xkNpx._gc5&tt=opt&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bestnewshere.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://bestnewshere.com
Date
Wed, 20 Oct 2021 22:35:13 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bestnewshere
URL
https://bestnewshere/
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga boolean| jQueryScriptOutputted function| initJQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| addComment object| _mgIntExchangeNews object| MarketGidInfC1093798 function| MarketGidCContextBlock1093798 function| MarketGidCMainBlock1093798 function| MarketGidCInternalExchangeBlock1093798 function| MarketGidCColorBlock1093798 function| MarketGidCRejectBlock1093798 function| MarketGidCCriteoBlock1093798 function| MarketGidCInternalExchangeLoggerBlock1093798 function| MarketGidCObserverBlock1093798 function| MarketGidCSendDimensionsBlock1093798 function| MarketGidCAntifraudStatisticsBlock1093798 function| MarketGidCRtbBlock1093798 function| MarketGidCIframeSizeChangerBlock1093798 function| MarketGidCContentPreviewBlock1093798 function| MarketGidCGradientBlock1093798 function| MarketGidCResponsiveBlock1093798 boolean| mg_loaded_663986_1093798 object| NiceScroll object| MarketGidInfC1059382 function| MarketGidCContextBlock1059382 function| MarketGidCMainBlock1059382 function| MarketGidCInternalExchangeBlock1059382 function| MarketGidCRejectBlock1059382 function| MarketGidCElasticBlock1059382 function| MarketGidCInternalExchangeLoggerBlock1059382 function| MarketGidCObserverBlock1059382 function| MarketGidCSendDimensionsBlock1059382 function| MarketGidCRtbBlock1059382 function| MarketGidCDiscountBlock1059382 function| MarketGidCTestContentBlock1059382 function| MarketGidCIframeSizeChangerBlock1059382 function| MarketGidCContentPreviewBlock1059382 boolean| mg_loaded_663986_1059382 object| exports function| retinajs object| wp object| ua_result object| revcontent function| dspCriteoRTUSCallback function| renderRCWidget object| twemoji function| BezierClass number| a object| onClickExcludes function| mgReject1093798 function| mgLoadAds1093798 function| MarketGidCReject1093798 function| MarketGidLoadGoods1093798 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint663986 string| _mgPvid function| mgReject1059382 function| mgLoadAds1059382_17426 function| MarketGidCReject1059382 function| MarketGidLoadGoods1059382_17426 boolean| MarketGidCSvsdsFlag object| __pm_glbl object| __pm_glbl_k97gVP29iLvm7B2f6ii7P9YI object| __pm_ads_list string| AdScoreObject function| adScore object| __pm_glbl_oWwx8e1cIE2fOUezio3xkNpx boolean| _mgPageView663986 function| LoadCriteoAllPlaces1093798 boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore function| udm_ object| ns_p object| COMSCORE object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime string| pbPageIdentifier object| __EXCO function| av_sciv_hndlr1634769307415 function| Hls object| storageAni object| _mgwcapping boolean| _mgPageImp663986

48 Cookies

Domain/Path Name / Value
bestnewshere.com/anyone-for-an-october-surprise Name: exco-uid
Value: wkuvtebeau44o28z
.mgid.com/ Name: __cf_bm
Value: eqcDCj.kl9xPJhFCw6YQwEA0a2sQrMFLrvBap3gcZBQ-1634769305-0-AeO4hpyIEEc/fnwPMagoMuqXYmv3ll1h/1fqGFdZ8N6Er9FTQWEvBVniI3eFvkAl+T1YhZ2wUjQ8w96br39BvYA=
.bestnewshere.com/ Name: _ga
Value: GA1.2.1160229335.1634769306
.bestnewshere.com/ Name: _gid
Value: GA1.2.1627089869.1634769306
.bestnewshere.com/ Name: _gat
Value: 1
js.ad-score.com/ Name: token
Value: YenpgZqCuQsEm-853v-WiPCBuuEhMuJB
.mgid.com/ Name: muidn
Value: l9k6gfHva4zf
bestnewshere.com/ Name: pmtimesig
Value: [[1634769306381,0],[1634769306443,62]]
servicer.mgid.com/ Name: __mglb
Value: fc02a5af8306bee686576562f78e8f80
bestnewshere.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1093798%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634769306788%7D%2C%22C1059382%22%3A%7B%22page%22%3A1%2C%22time%22%3A1634769306891%7D%7D
data.ad-score.com/ Name: token
Value: pAOSxJcAUvKYg-tnmn-BDwoFXWWyzyRP
.bidswitch.net/ Name: c
Value: 1634769307
.bidswitch.net/ Name: tuuid_lu
Value: 1634769307
.bidswitch.net/ Name: tuuid
Value: d6ec4d70-8c29-4429-8ebd-9acb5bbfdba8
.e-volution.ai/ Name: v_usr
Value: 1c78baa8-4fd6-42fb-b0b2-42d022dcbf2b
.360yield.com/ Name: tuuid
Value: 4c847682-9314-4ddf-a81a-54d6594ee10e
.360yield.com/ Name: tuuid_lu
Value: 1634769307
.creativecdn.com/ Name: u
Value: zIkGf0eprU8hhU5vPgNX
.creativecdn.com/ Name: ts
Value: 1634769307
.doubleclick.net/ Name: IDE
Value: AHWqTUlCoRHyn4svQER5oaXbC4qgQflYvmX10ePOMIvbDi3HjB-UfY7WB2cEL1zQo4Q
.adsrvr.org/ Name: TDID
Value: 79e39cae-5774-4fda-9bd0-573d33d2bacf
.lentainform.com/ Name: muidn
Value: l9k6gfHva4zf
.idealmedia.io/ Name: muidn
Value: l9k6gfHva4zf
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjUjvKSk4mKOhAFOAE.
.scorecardresearch.com/ Name: UID
Value: 1RSXMOOB6KSONLNIFO3YAXg1634769307
.mfadsrvr.com/ Name: tuuid
Value: 8f7d0d21-9a7a-4a66-a726-c9ad62ee7dd1
.mfadsrvr.com/ Name: c
Value: 1634769307
.mfadsrvr.com/ Name: tuuid_lu
Value: 1634769307
.mfadsrvr.com/ Name: ssh
Value: !mgid,1634769307
cm.mgid.com/ Name: mg_sync
Value: {"287839":1634769307,"371158":1634769307,"665953":1634769307}
.aniview.com/ Name: aniC
Value: 1634769307815-937596263743-008893-013-000898
.advertising.com/ Name: APID
Value: UPfa64c7bf-31f5-11ec-a684-061e8962b018
bestnewshere.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.casalemedia.com/ Name: CMID
Value: YXCZm2qeghMDQfZ3IrXojAAA
.casalemedia.com/ Name: CMPS
Value: 5206
.casalemedia.com/ Name: CMPRO
Value: 1200
.spotxchange.com/ Name: audience
Value: fa8cc7a7-31f5-11ec-87f6-1df4c96b0006
.quantserve.com/ Name: d
Value: EBwBDQHDJLjvsQA
.quantserve.com/ Name: mc
Value: 6170999c-3a3fb-d3fe9-d6d2d
.casalemedia.com/ Name: CMST
Value: YXCZm2FwmZwA
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 6c37f8f8c1e3ef60d917588178d00347
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEs2Nk%2BzSLNINkw1Tk0zM0ixNDQ3tbAwNLdIMTAwNjFnAILEgplzQDQUAABQMQpv"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBILJg5B0hBAQAY8AIH"
.aniview.com/ Name: 2_C_42
Value: YXCZm2qeghMDQfZ3IrXojAAA&1200
sync.aniview.com/ Name: 2_C_42
Value: YXCZm2qeghMDQfZ3IrXojAAA&1200
.eqads.com/ Name: EQUser
Value: UID=ef373f5e-77cc-4f2d-8c43-4af44314fd6a
.casalemedia.com/ Name: CMRUM3
Value: dd6170999b2760&516170999b05a0&c36170999c2760av-fbf961f6-a522-4c31-92e7-52acd2d5ef9f&e66170999b2760&f16170999b05a0&2d6170999c2760CAESECv5xXsMS3yZ1YgGmZPDdJI&286170999c2760ef373f5e-77cc-4f2d-8c43-4af44314fd6a&276170999b0b40

3 Console Messages

Source Level URL
Text
security warning URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Message:
Mixed Content: The page at 'https://bestnewshere.com/anyone-for-an-october-surprise/' was loaded over HTTPS, but requested an insecure element 'http://bestnewshere/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bestnewshere.com/anyone-for-an-october-surprise/
Message:
Mixed Content: The page at 'https://bestnewshere.com/anyone-for-an-october-surprise/' was loaded over HTTPS, but requested an insecure element 'http://bestnewshere/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://bestnewshere/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.pubmatic.com
assets.revcontent.com
atrack.avplayer.com
bcp.crwdcntrl.net
bestnewshere
bestnewshere.com
bidswitch-eu.splicky.com
c.mgid.com
cdn.mgid.com
cdn.revcontent.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
data.ad-score.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
hbopenbid.pubmatic.com
id5-sync.com
image6.pubmatic.com
images.revcontent.com
img.revcontent.com
js.ad-score.com
jsc.mgid.com
match.adsrvr.org
mcd.ex.co
nep.advangelists.com
netdna.bootstrapcdn.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
player.ex.co
prd-collector-anon.ex.co
premiumsrv.aniview.com
prg.smartadserver.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.pubmine.com
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
servicer.mgid.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync.adtelligent.com
sync.aniview.com
sync.e-volution.ai
token.rubiconproject.com
track1.aniview.com
trends.revcontent.com
um2.eqads.com
use.fontawesome.com
www.google-analytics.com
www9.smartadserver.com
x.bidswitch.net
bestnewshere
sync.adtelligent.com
104.16.221.74
104.19.135.78
104.19.217.61
109.206.161.21
13.248.242.197
13.32.99.105
130.211.115.4
142.250.186.162
149.28.118.2
151.101.130.137
151.139.128.11
18.196.176.125
18.197.249.149
18.213.10.151
185.184.8.65
185.64.189.112
185.64.190.78
185.86.137.114
185.86.138.16
185.94.180.124
188.34.152.202
2.16.186.139
2.18.233.180
2.18.234.21
23.37.42.132
2600:9000:2250:d400:a:deb0:3380:93a1
2606:4700:3031::ac43:d645
2606:4700::6812:bcf
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00::210:bb91
2a0c:5c81:5139::2
3.208.62.189
34.193.25.178
34.196.245.189
34.199.127.9
34.201.197.184
34.253.111.115
35.173.4.119
35.212.212.222
51.89.21.10
52.46.154.242
54.93.162.63
69.173.144.138
69.173.144.165
79.125.73.87
99.80.188.163
01a3331cf59a543d988b3300e7b4b9a43a50b2ac75b96b6dd68cb65182cf3212
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02d815369c5d72d7729fc453e52be1eeba7baf79a61b8a3e17c2e7cbe231720f
046ad44961dd3c757f140b3b5b62d716e7f5b0c9c82c5cd638f4e9ba888f90d8
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
078d03d494d06e9b3eb1bdd43f1520a3a5c11295ae6b650f0f86b0241bd67e67
07d86593830013f58b612782822c18b4c475983868c0fd6637793d6bef1f7f09
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
118889179898e53e739e05af175a48ba756b88cfab97a78de740617903a5bde0
13952e1d11d70ff5ed875fbe819832c117facb968748949982760ef9453f87ed
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1581fe8034dbb292b9cd285a7fd0afc97eddadda0606ee1a4a242a70aa36db80
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
2105e9523902cfa9b86246198c36ee19330c5c73b74b6f3f5f9adf87d98463f9
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2693dcfcc1e50b77339d9e35787df24b602dd75031aab5cf48b44e608a41c9be
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
28efb04ddbd534b09556412478e3005a130458f8c7b5bfd08b66e81402565f8e
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32c594d95353e4d911c17fe4c12f5c7a27d5e7906424bd65fece533eecc0679b
3681ef809d5146d36519dd7777493c9e0a0d3fc042a723939395e28ba1cdbfce
3736cc3f1afd4fd6a3e5ccbb97e33c04dd5931742b88885be058a487fe612492
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3eb6b782f24df017571d820a54f09464c9099c3032bf8db5260e52d914a87634
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
443ae740fe8356c17d751a26eadec94e0ffce6ebe1de5f28b6cc822906731b83
47e102271931c05433fce182d0c355ddc9c1f4f015d559e256d93546762f9215
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4be248af2533387777c0841dbe22c2da3d19217cee48ae7c68063ba2966f1d77
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
5061e2bb84928d7ec05c8b0d9201ff849c791c42cd75ff0dc32f808dc85520d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54985209ff4ddf164fb2b1e07b8de269f1a47f6d4596f0895c57a2189f08f193
561cd60795008e6d3713619a66f144b405ad565c173e1ecd46a2597c368ab119
57ff9e01654f1afd4da2b427fb4cc8bdffc81eb63aee1cd4973eca79d7d67117
5a2dfd7a27afa30a9e61ee23665d9da71751c73091371a408555c925aac758d4
5ac0db5640e532db9cfce1269ac4cfd681f5a3a17caf28c7baf94a104c9e3618
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61f6d054b1b2e3d1a07f0918e6ccc6c88ff308d6ddb3d7b45c6d1ef66fb59b9c
628948e608154b1dc916d8be3064033b3d8546c1d32ee326924d1dd2b01dcfcd
63186d14140620adb8e9886076790ef578fa00e273cb7a6e4e24eb46a9665206
63c5d8eff84836667125a54ccde8207d43eb34bb6eda0b9b95b285bad4418f8f
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
69a106181135228dbb43b59b3c68c405082aad982152b401a27d902ced7f3f03
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc43a9d793fccdf595b551fb1a5efa4e789ae12e5c1d40306bb4ba68cd6543b
6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
75f693739105932866d638973167a2aadbf6b144f5f7dda0378e76811c54110c
7755d364b0c1834e7e0e54286183cdcb3e75c31229c1f3989bd4183d37094683
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ca8d861b9c2503521278a5bb27f79d2049719ca59d8b480be6f5dc7ab11a1d2
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8439e31d7109df82a296d3303bcc14884b3e031e77f57505ba4a84af7d257979
847b4a71be4f5fb44b11922ada485c3b8cfdcd4edc8c964e42078132f7461965
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd9d704e6f42c7b473766cd51927ba0a6723b339ff0e1173989f66576d802c5
8d0b14361233d8598e0d95b3a77c1eb5a8d5c08460fd5b6c576abe311b45ca39
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
904a9436afe5f423cd1d3d0207fbf06f656124828c341c40a939f20fe514ae2d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91150b0d3b6de9177291a591510d6fc452a88a04fec25bf8af114f1d9a23669b
95a197d77b9034160ff10d2c8fa93a8c08605ca63713a2351449352198562c08
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
98ffa43839a9d6b9b6973ddbf6c68b8cf0d9a542d7ad794a0e93cc62f724294d
9cb65209fa8e6bf6a9507aa0f584f3d97c9eb17cb60d20b24bf5ec7f6e80503f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
a4b979b136d37e751132c84dfb54d711e029081fa3bb1fa33f2d9150b9f5dd5e
a4fb6e71ff4b3e20ddae588929632b1b0cdb672d0db0d6c1b7c00ffeb63ee098
a5acbf914f2595cc6287123aaf0b7285e2852b79226c114f4031a714b07fdd27
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa085f47d6bd2b0785174ebb392195f194af83e9201f4d9f789b3c5560593ef6
aa0c5636f9e7fb4b9d13319620fe4cb1b487d44aa099ae7e87a99202d392e042
ac7b9f46edcec0a88c11c18bf0a08879953bfd042486c0a2a7c58426df25088c
ad0413684ba2711b6a00df4bd73835f209a97ba73870f4502f5c3359c14133c6
ae18de62aa2789e41ccff7bd5e3f8050d536deaad2b9a9ce4adfea08013f8c69
afb61bed4b90cc22d6fba77d271a4bcc6c9da7a10cec1db83d045ac99765c821
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b648e7e768f328dce7418e520792240c34c50a7a2fbe5d4cb5afb5d5118391c6
ba44c5137390df2bc9d79cf9404ac497d9f71e494605b69c0d020c58b3361b80
bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b
bc42741b9da166d17ee97dc8a84762a7cee1d6fc7bf73cc66b923452b1ff381e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3508051126ffa97486178f29ba4cb0e214c9c8a02f438815caae6b001b9b388
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4a3e2715932cff1dc7d2c5346af3211a3bc24492054b98c194e3978a254eda9
c5840a4a93220918e09eacd0552609c1548f265f7e5317ca4acbc133d05eba38
c629c6d440f89b1c6f4e779729d71074ae8869b60a6361dcafca5d5e70550879
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
cc37f65dc37a6ee1ee6478bdf3fe663b9d7a4e446a584f7eea756f77cb1c128d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
d298301d93d7cb69af9a377f3f193e22dad1a6e053f3d3826a43813473c9fb32
d999a5f50fde956ed9e790e9da936ddea4c663dfaded50fa5de4d50ba3e5dcb4
da6803ffceefb2e47f643cb2b17bb1cac41a29492066417aa60880bac3c4ff8b
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e
dc211d208330e3b774e4490b2731de6e6f003f2cd15dfff8dc563f425fd941e3
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e1efa8100f2570d82eb360d1a3e3df4c21156c334de60ea5f9b31c256104ae04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e70db3da0c050d6d7612679670a1dfc348b03258f47c4733aa91c05040ef720c
ea4c64b7984222a3a8958d3daf6981d8958a955c3bd44aeb810efaa9a95652a7
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec51bd18a66799977faa6b2bca45b99fd240e6a1f7a8a9848d08fe20d0e5b52a
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d
f4474673754b15f9d44685ef051e2955cf440fdb3237d76dabdacd4bca522926
f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd
f7d822263292e9ce8b95fd2dce87d01aa21f3ce55ea4386e5a5135dd60243fa6
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f
fb60128e57c39484c0597ad80131cfdbee334f3fd284cdfd490cb29a3aa43028
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fdad60df8833166013b1fbd8750c0e29ba1589f25504a8aba45cfd102356432a
fdcd99bbf5f9f20b5da56aa30fd21e0dfff93aa85041ca0e2d64acebae05d8dd